Try our new research platform with insights from 80,000+ expert users

Cortex XDR by Palo Alto Networks vs Tanium comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Ranking in Endpoint Protection Platform (EPP)
4th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
90
Ranking in other categories
Extended Detection and Response (XDR) (7th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (4th)
Tanium
Ranking in Endpoint Protection Platform (EPP)
37th
Average Rating
7.4
Reviews Sentiment
6.8
Number of Reviews
17
Ranking in other categories
Server Monitoring (10th), Vulnerability Management (22nd), Endpoint Detection and Response (EDR) (26th)
 

Mindshare comparison

As of April 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.9%, down from 5.1% compared to the previous year. The mindshare of Tanium is 2.5%, up from 2.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

Mohammad Qaw - PeerSpot reviewer
Perfect correlation and XDR capabilities for network traffic plus endpoint security
The solution should force customers to integrate with network traffic to see the full benefits of XDR. If you are not integrating it or feeding in your network traffic, then you are just buying a normal antivirus which doesn't make any sense. You are paying double the price to use the antivirus feature or to say you have XDR, but in reality you are not using it. The solution should include an on-premises option because some customers want only on-premises. It would be hard, but good to do if possible. Open XDR would be beneficial in the future. Right now, the solution is Closed XDR so cannot communicate with the few new vendors in the Open XDR market.
Ed Jarecki - PeerSpot reviewer
A scalable solution that helps to understand how infrastructure works
We use the tool as an infrastructure operational management solution.  The solution is scalable and helps to understand how infrastructure works. It helps to improve the health of the organization.  Any movement into a SaaS solution has challenges since the processes and data flows are not well…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The tool is easy to use."
"We've had a significant increase in blocking with a decrease in false positives, because it's looking at how the files work, not just a list of files that it's been told to look for."
"If any application performs suspicious activities, such as changing registries or modifying other applications, Cortex XDR detects and blocks the entire application."
"The solution doesn't need a high level of technical training."
"The protection offered by this product is good, as is the endpoint reporting."
"It's a nice product that's stable and scalable."
"The most valuable for us is the correlation feature."
"The product has an intuitive dashboard."
"When I push a quick update, it's done right away, and I can rescan immediately to confirm completion within minutes."
"The security features are very valuable."
"Tanium has made the process of detecting threats more proactive with its detection. So, the process is easier and more efficient."
"The most valuable features of this solution are the consolidation of all historical data on device endpoints, security drivers, firmware, and Software version gaps."
"The solution is scalable and helps to understand how infrastructure works. It helps to improve the health of the organization."
"I'm not so familiar with the tool but I like the interaction of the console to the picture. Patching is the primary model I have been focusing on for the last couple of weeks. So I have created a proof of concept environment and have been checking the available features."
"The interrogation piece was the most valuable feature because it was very detailed."
"The product is granular and can build complex roles compared to other EDR vendors."
 

Cons

"The encryption is not up to the mark."
"It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc."
"We have found that there are times Cortex XDR by Palo Alto Networks does not detect some of the viruses, we have to use another protection solution called Kaspersky."
"The dashboard is the area that needs to improve so that we can have the ability to drill down without having to go elsewhere to verify results."
"They've been having some issues with updating their endpoint agents, and it has been quite frustrating."
"In reporting they should have a customizable dashboard due to the fact that C-level people don't like reporting to the IT department. They prefer to have a real-time dashboard. That kind of dashboard needs to have various customizations."
"The playbooks could be improved to include more functionalities or actions."
"In an upcoming release, the solution could improve by proving hard disk encryption. If it could support this it would be a complete solution."
"It is not really additional functions, or the features that are needed, rather the complexity would be reduced based on the number of modules required to put together a comprehensive operational security and risk compliance model."
"I would like to have more integrations and custom plugins to input. Integration is always a big deal in a lot of different environments."
"Tanium's limitations should be improved because although it is a great tool, it is limited to only a few classes during a session."
"Tanium’s scalability could be improved."
"Most of the time, agent-relative issues have to be more equipped with self-healing features. At times, the agent is there, but for some reason, it doesn't report a status. It gives certain problems that are obviously agent-based."
"The most painful thing is the interface. It's a bit unclear sometimes."
"The solution lacks mobility."
"When working with Tanium, there are some older devices that haven't been patched for a long time, and certain patches are not included in Tanium. I have to search outside to download patches, create bundles, and then perform the task."
 

Pricing and Cost Advice

"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
"The tool's price is moderate."
"It's about $55 per license on a yearly basis."
"The cost of Cortex XDR by Palo Alto Networks is $55 to $90 USD per endpoint per month."
"It is cost-effective compared to similar solutions. It fits for the small businesses through to the big businesses."
"This is an expensive solution."
"The cost depends on your chosen license type, like Pro or other licenses."
"The price of the solution is high for the license and in general."
"There is an annual license required to use this solution."
"The solution offers value for money."
"The solution is expensive but it's a good investment."
"Tanium is a more expensive solution in Latin America than some of the competitors, such as BigFix."
"It's an expensive solution. It would be nice if the cost were lower."
"It is higher than some competitors in the market."
"The product's pricing differs from region to region depending on negotiations and the number of endpoints."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
848,576 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
9%
Government
7%
Manufacturing Company
7%
Financial Services Firm
17%
Government
13%
Computer Software Company
10%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
What do you like most about Tanium?
Tanium’s linear-chain architecture is valuable.
What needs improvement with Tanium?
When working with Tanium, there are some older devices that haven't been patched for a long time, and certain patches are not included in Tanium. I have to search outside to download patches, creat...
What is your primary use case for Tanium?
We primarily use Tanium for patching, focusing on vulnerabilities. Our major goal with Tanium is to patch based on vulnerabilities detected by our other vulnerability tools.
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
No data available
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
JPMorgan Chase, eBay, Amazon, US Bank, MetLife, pwc, Cerner, Delphi, MGM Grand, New York Life
Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. Tanium and other solutions. Updated: April 2025.
848,576 professionals have used our research since 2012.