Try our new research platform with insights from 80,000+ expert users

Cortex XSIAM vs Google Security Operations comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 9, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XSIAM
Ranking in Security Information and Event Management (SIEM)
17th
Ranking in AI-Powered Cybersecurity Platforms
7th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
12
Ranking in other categories
Identity Threat Detection and Response (ITDR) (6th)
Google Security Operations
Ranking in Security Information and Event Management (SIEM)
32nd
Ranking in AI-Powered Cybersecurity Platforms
10th
Average Rating
9.0
Reviews Sentiment
7.7
Number of Reviews
4
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (16th)
 

Mindshare comparison

As of April 2025, in the Security Information and Event Management (SIEM) category, the mindshare of Cortex XSIAM is 2.8%, up from 0.6% compared to the previous year. The mindshare of Google Security Operations is 0.5%, up from 0.0% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM)
 

Featured Reviews

AKASH MAJUMDER - PeerSpot reviewer
Incident response times have significantly reduced with efficient device integration and log parsing capabilities
Cortex XSIAM needs improvements in terms of data onboarding, parsers, and third-party integration supports. Additionally, a future update request is to enable tagging of endpoints in groups, similar to a feature available in Cortex XDR. The AI analytics need fine-tuning because some use cases are not working from my side.
reviewer2203269 - PeerSpot reviewer
Real-time threat detection and alarm management have improved security operations
Google SecOps is extremely useful for threat detection and hunting. It provides a detailed pipeline for detection and is beneficial for real-time threat monitoring when integrated with Mandiant. The tool's integration capabilities are effective, and it helps in managing alarms for normal threats efficiently. Overall, Google SecOps is a very useful service for security operations.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The flexibility for creating manual workflows stands out."
"It operates on a single, extensive database which enables it to excel in detecting threats and anomalies across the network and endpoints, delivering a highly effective and comprehensive security solution."
"The flexibility for creating manual workflows stands out."
"Cortex XSIAM enhances our ability to apply endpoint protection policies, implement restrictions, conduct scans, and engage in sandboxing."
"One of the valued aspects of the product is its use of artificial intelligence to detect security vulnerabilities."
"It does a better job of identifying anomalies that are more likely to be incidents of compromise without as many false positives or false negatives."
"The automation capabilities significantly improve response times by allowing us to respond to incidents from a single dashboard rather than navigating multiple dashboards."
"The most valuable features of Cortex XSIAM are the machine learning used to identify threats, the complexity of the environment of products, and efficiency."
"The playbooks feature in Siemplify is crucial for automation. We've utilized both standard and custom integrations with other security operation solutions, enhancing our flexibility. The user interface is generally straightforward, although recent changes may require some adjustment and Siemplify's integrations and capabilities offer potential support for various compliance requirements."
"Overall, Google SecOps is a very useful service for security operations."
"Without hyperbole, I have never, in my entire career, encountered a vendor or a vendor community as awesome as Siemplify. Siemplify and the Siemplify Community quite literally made it possible for our SOC to increase almost five-fold in our number of clients and number of analysts and to go from a Monday to Friday 9-5 shop to a 24/7 shop all in the span of under a year and a half and all while continually adding capabilities and improving the services we offer to our clients."
"The most valuable feature of Siemplify is the playbooks that can be created."
"Google SecOps is extremely useful for threat detection and hunting."
 

Cons

"Cortex XSIAM is pretty expensive, and the licensing process is not very comfortable compared to CrowdStrike."
"Cortex XSIAM needs improvements in terms of data onboarding, parsers, and third-party integration supports."
"It could provide more integration with a large variety of products."
"The standard integrations are very limited, and the integrations available are not listed in the marketplace. Obtaining validation for integrations from Palo Alto takes around eight months, which is quite long."
"The solution’s pricing and technical support could be improved."
"There is room for improvement in expanding integrations to include more cybersecurity solutions."
"Cortex could improve the detection and online resolution of security vulnerabilities."
"The first impression is that XSIAM would be more expensive than others we tried."
"The main improvement could be in the accuracy and detail provided in threat descriptions."
"I'm inclined to say that I'd love to see some Machine Learning capabilities integrated into the platform, however, I just attended a demo this morning where Siemplify gave a sneak peek into some Machine Learning capabilities that they are currently developing and have roadmapped for release soon."
"Building the playbooks could be easier and the integration could improve. It is a difficult process, such as what API connections need to be made."
"The main improvement could be in the accuracy and detail provided in threat descriptions."
"We often encounter minor issues that could be improved, but we maintain communication with the developers and submit feature requests. Recently, I requested enhancements such as improved search functionality within playbooks and expanded options for exporting case data."
 

Pricing and Cost Advice

"The solution is expensive compared to its competitors."
"In terms of pricing, we found Cortex XSIAM to offer a very reasonable and competitive rate."
"The product cost could be considered value for money compared to other solutions in the market, though it is quite high."
"Since Palo Alto is trying to get as many new customers as possible, they're offering very competitive pricing."
"The solution comes at a significant cost."
Information not available
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Manufacturing Company
10%
Financial Services Firm
10%
Government
7%
Computer Software Company
17%
Financial Services Firm
16%
Retailer
10%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Cortex XSIAM?
It is an effective solution in terms of performance and functionalities.
What is your experience regarding pricing and costs for Cortex XSIAM?
Cortex XSIAM is pretty expensive, and the licensing process is not very comfortable. CrowdStrike licensing is easier and follows an annual recurring revenue model, unlike Cortex XSIAM.
What needs improvement with Cortex XSIAM?
Cortex XSIAM is pretty expensive, and the licensing process is not very comfortable compared to CrowdStrike. CrowdStrike offers an annual recurring revenue option that Cortex XSIAM does not provide.
What do you like most about Siemplify?
The playbooks feature in Siemplify is crucial for automation. We've utilized both standard and custom integrations with other security operation solutions, enhancing our flexibility. The user inter...
What is your experience regarding pricing and costs for Siemplify?
The pricing for Google SecOps and Microsoft Sentinel is almost the same, with no significant differences.
What needs improvement with Siemplify?
The main improvement could be in the accuracy and detail provided in threat descriptions. Google SecOps reports could be more detailed, similar to the comprehensive descriptions provided by Microso...
 

Also Known As

No data available
Siemplify ThreatNexus
 

Overview

 

Sample Customers

Information Not Available
FedEx Mondelez Intenrational Check Point Trustwave Atos Cyberint Bae Systems Crowe Longwall Security Telefonica Nordea HCL
Find out what your peers are saying about Cortex XSIAM vs. Google Security Operations and other solutions. Updated: April 2025.
848,716 professionals have used our research since 2012.