Try our new research platform with insights from 80,000+ expert users

Cortex XDR by Palo Alto Networks vs Webroot Business Endpoint Protection comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Ranking in Endpoint Protection Platform (EPP)
4th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
90
Ranking in other categories
Extended Detection and Response (XDR) (7th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (4th)
Webroot Business Endpoint P...
Ranking in Endpoint Protection Platform (EPP)
42nd
Average Rating
7.8
Reviews Sentiment
5.8
Number of Reviews
31
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.9%, down from 5.1% compared to the previous year. The mindshare of Webroot Business Endpoint Protection is 0.7%, down from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

Mohammad Qaw - PeerSpot reviewer
Perfect correlation and XDR capabilities for network traffic plus endpoint security
The solution should force customers to integrate with network traffic to see the full benefits of XDR. If you are not integrating it or feeding in your network traffic, then you are just buying a normal antivirus which doesn't make any sense. You are paying double the price to use the antivirus feature or to say you have XDR, but in reality you are not using it. The solution should include an on-premises option because some customers want only on-premises. It would be hard, but good to do if possible. Open XDR would be beneficial in the future. Right now, the solution is Closed XDR so cannot communicate with the few new vendors in the Open XDR market.
Rick Cassel - PeerSpot reviewer
Lightweight and not hard to set up however, does not offer good reporting
We've had a couple of events both this year and last year where it just didn't seem to catch ransomware, which is impossible to do if someone has hands-on with the system. There were some things that they had or used to have or don't have that I still haven't figured out called journaling. And it was supposed to be a way to roll back changes that were made. However, they're telling me they don't have that. That's not in the system. It’s my understanding that it doesn’t actually scan any files at all. They just look at their database of files they've scanned previously, and either it matches or doesn't. That might be where the shortcoming is, is that it just can't stay up-to-date fast enough to stop new things that are coming in. It's an after-the-fact anti-virus. It doesn't do anything proactive. The virus has to hit the machine before it detects it. There is one thing that is deplorable with the product that I would change as soon as I found a better one. However, the reports are worthless. You go and look at a scan report and cannot get a log of machines. I can log into a console and see the files were scanned every day at 2:00 AM, and they all passed green or something was detected and removed. However, you have to go to the console. I don't have anything that I can send to my client on reports. What they give you is a bunch of bar graphs with no details. You can't drill down. It'll say two infections. However, it doesn't tell you what machines. You've just really got several different reports, and they're all just a bunch of graphs and wasted paper. There's nothing really substantial. The reports that I can use for client-facing, once a month, to say, "Here, we scanned all these workstations. Here are our results," don’t exist. They've got fake reports. I've screamed about that for years, and they just won't do anything. Therefore, I created my own little up-to-date or not ask fail-type report. I send that to them in place of a report directly from a product.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The anti-exploit is impenetrable. We chose Traps because it is the only product that we were not able to get anything past."
"After deploying Traps, we saw the performance of the network improve by 65 to 70 percent."
"It is an easy-to-use tool."
"The product's initial setup phase is very easy."
"The most valuable for us is the correlation feature."
"We can visualize and control the activities in the environment from anywhere."
"Stability is one of the features we like the most."
"It has pretty much everything we need and works well within the Palo Alto ecosystem."
"Its ease of installation is valuable. It has been a low-resource tool and the continuous updates in the past have made it attractive from the standpoint of the trust level on the protection."
"It is very lightweight on the workstations, not slowing them down while still doing its job very well."
"The traffic security monitoring, traffic application access feature called the agent, the main feature which is the endpoint security feature are the ones I found valuable. And it also had the in branch security in kind of SD WAN, good three hundred and sixty protection. It is specific and there is ease of deployment also present."
"We've not had any issues with scalability. If an organization needs to expand, they can do so quite easily."
"The ease of use of the centralized admin console is its best asset."
"I rate the initial setup phase a ten on a scale of one to ten, where one is difficult, and ten is easy."
"Low performance requirements."
"The main reason we had Webroot is that it was cost-effective for our clients."
 

Cons

"Impact on system performance is horrible, adding a lot of delays for users."
"Cortex XDR is trickier to configure than other Palo Alto products. This is one area where we are not so satisfied."
"The playbooks could be improved to include more functionalities or actions."
"The solution lacks real-time, on-demand antivirus."
"There are some false positives. What our guys would have liked is that it would have been easier to manipulate as soon as they found a false positive that they knew was a false positive. How to do so was not obvious. Some people complained about it. The interface, the ESM, is not user-friendly."
"Whenever the tool releases a new version when deploying the product across the organization, I feel like there are some disturbances in the CPU usage after upgrading the tool to the latest version."
"It automatically detects security issues. It should be able to protect our network devices while operating autonomously."
"It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc."
"It needs to improve the problems with the faster connection, and have a huge reduction in false positives."
"I believe that Webroot Business Endpoint Protection should offer a more modern UI."
"Their customer support should be better. We started having some issues with it, and we didn't get the required support."
"One of the biggest pain points is that it's not really ransomware-oriented. They will be able to catch some, but that's where Sentinel One is a better player compared to Webroot."
"It would be great if there was a feature which would allow you to scan an individual file on an endpoint user's computer."
"It would be nice if it had a feature for automatically generating reports on the client end for device status, security status and backup information."
"The solution could improve by providing better ransomware protection."
"We need more control over when upgrades to the app are rolled out."
 

Pricing and Cost Advice

"Very costly product."
"Compared to CrowdStrike, Cortex XDR is an expensive solution."
"We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."
"Cortex XDR by Palo Alto Networks is an expensive solution."
"Our customers have expressed that the price is high."
"I don't recall what the cost was, but it wasn't really that expensive."
"It is "expensive" and flexible."
"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
"If you purchase for clients, then you are the managing billing entity. It's better to either get a monthly subscription check from your clients, or to prepay for the year (so as to not keep cash in reserve to pay the bill each month) IMHO."
"I can't recall the exact pricing, but I believe there is a monthly fee of $20-30 per user."
"Get a trial, then a multi-year license."
"It is relatively cheap."
"We evaluate other options using multiple choices, best value, management and functionality."
"Work on a price tier plan."
"The solution is very cost-effective."
"With Webroot Business Endpoint Protection, I can select a yearly billing cycle."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
9%
Government
7%
Manufacturing Company
7%
Computer Software Company
18%
Real Estate/Law Firm
13%
Comms Service Provider
8%
Financial Services Firm
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
What do you like most about Webroot Business Endpoint Protection?
I haven't observed any of the instabilities in the solution. It is a stable solution.
What is your experience regarding pricing and costs for Webroot Business Endpoint Protection?
Webroot Business Endpoint Protection is probably on the cheaper side, so I would rate their pricing a one or a two out of ten.
What needs improvement with Webroot Business Endpoint Protection?
Webroot Business Endpoint Protection needs to improve its ability to detect threats. It does not do what it's advertised to do. Real-time threat detection also doesn't work as it should.
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Webroot SecureAnywhere Business Endpoint Protection
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Mytech Partners
Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. Webroot Business Endpoint Protection and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.