Try our new research platform with insights from 80,000+ expert users

Cortex XSIAM vs Google Security Operations comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 9, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XSIAM
Ranking in Security Information and Event Management (SIEM)
17th
Ranking in AI-Powered Cybersecurity Platforms
7th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
12
Ranking in other categories
Identity Threat Detection and Response (ITDR) (6th)
Google Security Operations
Ranking in Security Information and Event Management (SIEM)
32nd
Ranking in AI-Powered Cybersecurity Platforms
10th
Average Rating
9.0
Reviews Sentiment
7.7
Number of Reviews
4
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (16th)
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Cortex XSIAM is 2.8%, up from 0.6% compared to the previous year. The mindshare of Google Security Operations is 0.5%, up from 0.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

AKASH MAJUMDER - PeerSpot reviewer
Incident response times have significantly reduced with efficient device integration and log parsing capabilities
Cortex XSIAM needs improvements in terms of data onboarding, parsers, and third-party integration supports. Additionally, a future update request is to enable tagging of endpoints in groups, similar to a feature available in Cortex XDR. The AI analytics need fine-tuning because some use cases are not working from my side.
reviewer2203269 - PeerSpot reviewer
Real-time threat detection and alarm management have improved security operations
Google SecOps is extremely useful for threat detection and hunting. It provides a detailed pipeline for detection and is beneficial for real-time threat monitoring when integrated with Mandiant. The tool's integration capabilities are effective, and it helps in managing alarms for normal threats efficiently. Overall, Google SecOps is a very useful service for security operations.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The automation capabilities significantly improve response times by allowing us to respond to incidents from a single dashboard rather than navigating multiple dashboards."
"Its ability to deliver a substantial amount of security intelligence greatly enhances and optimizes our security operations program."
"It does a better job of identifying anomalies that are more likely to be incidents of compromise without as many false positives or false negatives."
"Since implementing Cortex XSIAM, incident response times have been significantly reduced by approximately twenty percent."
"One of the valued aspects of the product is its use of artificial intelligence to detect security vulnerabilities."
"The flexibility for creating manual workflows stands out."
"I would give Cortex XSIAM a rating of ten out of ten."
"Cortex XSIAM enhances our ability to apply endpoint protection policies, implement restrictions, conduct scans, and engage in sandboxing."
"Without hyperbole, I have never, in my entire career, encountered a vendor or a vendor community as awesome as Siemplify. Siemplify and the Siemplify Community quite literally made it possible for our SOC to increase almost five-fold in our number of clients and number of analysts and to go from a Monday to Friday 9-5 shop to a 24/7 shop all in the span of under a year and a half and all while continually adding capabilities and improving the services we offer to our clients."
"Google SecOps is extremely useful for threat detection and hunting."
"Overall, Google SecOps is a very useful service for security operations."
"The most valuable feature of Siemplify is the playbooks that can be created."
"The playbooks feature in Siemplify is crucial for automation. We've utilized both standard and custom integrations with other security operation solutions, enhancing our flexibility. The user interface is generally straightforward, although recent changes may require some adjustment and Siemplify's integrations and capabilities offer potential support for various compliance requirements."
 

Cons

"The standard integrations are very limited, and the integrations available are not listed in the marketplace. Obtaining validation for integrations from Palo Alto takes around eight months, which is quite long."
"Cortex XSIAM is pretty expensive, and the licensing process is not very comfortable compared to CrowdStrike."
"The support could be a bit faster."
"The standard integrations are very limited, and the integrations available are not listed in the marketplace."
"There is room for improvement in expanding integrations to include more cybersecurity solutions."
"The solution’s pricing and technical support could be improved."
"The platform isn't very developer-friendly and it should provide more flexibility and ease."
"The first impression is that XSIAM would be more expensive than others we tried."
"The main improvement could be in the accuracy and detail provided in threat descriptions."
"Building the playbooks could be easier and the integration could improve. It is a difficult process, such as what API connections need to be made."
"We often encounter minor issues that could be improved, but we maintain communication with the developers and submit feature requests. Recently, I requested enhancements such as improved search functionality within playbooks and expanded options for exporting case data."
"I'm inclined to say that I'd love to see some Machine Learning capabilities integrated into the platform, however, I just attended a demo this morning where Siemplify gave a sneak peek into some Machine Learning capabilities that they are currently developing and have roadmapped for release soon."
"The main improvement could be in the accuracy and detail provided in threat descriptions."
 

Pricing and Cost Advice

"The product cost could be considered value for money compared to other solutions in the market, though it is quite high."
"The solution comes at a significant cost."
"The solution is expensive compared to its competitors."
"In terms of pricing, we found Cortex XSIAM to offer a very reasonable and competitive rate."
"Since Palo Alto is trying to get as many new customers as possible, they're offering very competitive pricing."
Information not available
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
849,190 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Manufacturing Company
10%
Financial Services Firm
10%
Government
7%
Computer Software Company
17%
Financial Services Firm
16%
Retailer
10%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Cortex XSIAM?
It is an effective solution in terms of performance and functionalities.
What is your experience regarding pricing and costs for Cortex XSIAM?
The licensing cost of Cortex XSIAM is more or less the same as Splunk, making it quite expensive compared to other tools. There are additional expenses for more functionalities.
What needs improvement with Cortex XSIAM?
Cortex XSIAM needs improvements in terms of data onboarding, parsers, and third-party integration supports. Additionally, a future update request is to enable tagging of endpoints in groups, simila...
What do you like most about Siemplify?
The playbooks feature in Siemplify is crucial for automation. We've utilized both standard and custom integrations with other security operation solutions, enhancing our flexibility. The user inter...
What is your experience regarding pricing and costs for Siemplify?
The pricing for Google SecOps and Microsoft Sentinel is almost the same, with no significant differences.
What needs improvement with Siemplify?
The main improvement could be in the accuracy and detail provided in threat descriptions. Google SecOps reports could be more detailed, similar to the comprehensive descriptions provided by Microso...
 

Also Known As

No data available
Siemplify ThreatNexus
 

Overview

 

Sample Customers

Information Not Available
FedEx Mondelez Intenrational Check Point Trustwave Atos Cyberint Bae Systems Crowe Longwall Security Telefonica Nordea HCL
Find out what your peers are saying about Cortex XSIAM vs. Google Security Operations and other solutions. Updated: April 2025.
849,190 professionals have used our research since 2012.