Try our new research platform with insights from 80,000+ expert users

Cortex XSIAM vs Vectra AI comparison

Palo Alto Networks and Vectra AI are both solutions in the Identity Threat Detection and Response (ITDR) category. Palo Alto Networks is ranked #6 with an average rating of 8.5, while Vectra AI is ranked #10 with an average rating of 8.0. Palo Alto Networks holds a 5.7% mindshare in ITDR, compared to Vectra AI’s 1.4% mindshare. Additionally, 100% of Palo Alto Networks users are willing to recommend the solution, compared to 97% of Vectra AI users who would recommend it.
Cortex XSIAM
Read 11 Cortex XSIAM reviews
  • 566 Views
  • 415 Comparison Views
100% willing to recommend
Vectra AI
Read 44 Vectra AI reviews
  • 218 Views
  • 116 Comparison Views
97% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Nov 5, 2024

Vectra AI and Cortex XSIAM compete in the cybersecurity solutions category, focusing on threat detection and response. Based on the feature sets and user feedback, Vectra AI has an edge in actionable alerting and reducing false positives, which are critical in efficient threat management.

Features: Vectra AI excels with strong detection capabilities for east-west traffic, alert reduction through roll-up features, and metadata enrichment. Its integration with existing security tools and ability to track an attack's lifecycle also differentiate it. Cortex XSIAM's strengths include a comprehensive threat detection approach integrating machine learning, robust third-party integration, and valuable forensic investigation tools.

Room for Improvement: Vectra AI needs better SIEM integration, improved syslog handling, and more deployment flexibility across varied environments. Users also suggest enhancements in detection specificity and dashboard functionality. Cortex XSIAM could improve integration capabilities, optimize performance under heavy usage, and address pricing and technical support concerns to increase versatility within broader ecosystems.

Ease of Deployment and Customer Service: Vectra AI offers both on-premises and cloud solutions and is praised for responsive and knowledgeable technical support, with a positive view of customer service. Cortex XSIAM, mainly a cloud solution, is also recognized for its responsive technical support, concentrating on centralized assistance to meet user needs effectively.

Pricing and ROI: Vectra AI is seen as expensive, with some users citing its dated licensing model and extra feature costs. However, users report significant ROI through reduced incident response times and enhanced security operations. Cortex XSIAM is competitively priced but can become costly with add-ons. The ROI primarily comes from improved security efficiencies and faster threat detection, which many users find justifies its cost.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cortex XSIAM vs. Vectra AI Report (Updated: March 2025).
Buyer's Guide
Cortex XSIAM vs. Vectra AI
March 2025
Download the complete report
Helped 845,406 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
5.4
Automation increased ROI by over $500,000, reduced analyst needs, and improved incident handling, though some are still evaluating.
Sentiment score
7.1
Vectra AI improves security efficiency, reduces attack response time, and offers cost-effective risk mitigation, justifying investment with ROI.
 

Customer Service

Sentiment score
6.9
Cortex XSIAM support varies widely, with mixed reviews; premium support receives better feedback due to experienced staff.
Sentiment score
8.3
Vectra AI's support team is responsive and expert, offering timely assistance with high satisfaction scores from users.
It is ineffective in terms of responding to basic queries and addressing future requirements.
For more quotes and insights, download the Cortex XSIAM report
The support is quite reliable depending on the service engineer assigned.
For more quotes and insights, download the Vectra AI report
 

Scalability Issues

Sentiment score
7.2
Cortex XSIAM is mostly seen as highly scalable, adaptable, and integrates seamlessly across various enterprises and IT departments.
Sentiment score
7.5
Vectra AI offers scalable solutions, efficiently managing large environments with flexible integration for cloud or on-premises deployments.
Without proper integration, scaling up with more servers is meaningless.
For more quotes and insights, download the Cortex XSIAM report
No quotes available
For more quotes and insights, download the Vectra AI report
 

Stability Issues

Sentiment score
8.5
Cortex XSIAM is highly stable and reliable, often scoring 10/10, with rapid resolution of occasional update-related issues.
Sentiment score
8.0
Vectra AI is reliable with minimal downtime, smooth updates, resolved issues, and proactive support ensuring effective performance.
The product was easy to install and set up and worked right.
For more quotes and insights, download the Cortex XSIAM report
No quotes available
For more quotes and insights, download the Vectra AI report
 

Room For Improvement

Cortex XSIAM should enhance context, integration, flexibility, and support while streamlining its pricing and improving incident response automation.
Vectra AI requires better integration, detection algorithms, user interface, and enhanced threat response, network analysis, and reporting capabilities.
In terms of incident response automation, it is quite poor due to the lack of integration with all security tools, making manual intervention necessary.
Improvements could be made to the dashboard and GUI, making it easier to deploy.
Cortex could improve the detection and online resolution of security vulnerabilities.
For more quotes and insights, download the Cortex XSIAM report
You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end.
Neither Vectra nor Darktrace have a function like a status health check on my log sources and traffic sources.
For more quotes and insights, download the Vectra AI report
reviewer2666148 - PeerSpot reviewerJitendra_Singh - PeerSpot reviewerreviewer2590284 - PeerSpot reviewerMohammad Alkurdi - PeerSpot reviewerreviewer2238027 - PeerSpot reviewer
 

Setup Cost

Enterprise users find Cortex XSIAM costly, but competitive pricing; extra features and licensing complexity increase expenses.
Vectra AI offers competitive pricing based on IP addresses, justified by threat detection performance despite licensing complexities and additional costs.
Cortex XSIAM is pretty expensive, and the licensing process is not very comfortable.
The first impression is that XSIAM would be more expensive than others we tried.
The product is very expensive.
For more quotes and insights, download the Cortex XSIAM report
Vectra is cheaper in terms of pricing and features compared to Darktrace.
It is very acceptable when you compare it with Darktrace, for example.
For more quotes and insights, download the Vectra AI report
RJ
reviewer2590284 - PeerSpot reviewerreviewer2666148 - PeerSpot reviewerreviewer2238027 - PeerSpot reviewerMohammad Alkurdi - PeerSpot reviewer
 

Valuable Features

Cortex XSIAM offers strong security orchestration, AI threat mitigation, and competitive pricing, with seamless third-party integration and user-friendly setup.
Vectra AI enhances threat management with AI-driven detection, alert consolidation, seamless integration, and an intuitive dashboard design.
The flexibility for creating manual workflows stands out.
Its signature-less subscriptions and robust detection power stand out in improving threat detection.
One of the valued aspects of the product is its use of artificial intelligence to detect security vulnerabilities.
For more quotes and insights, download the Cortex XSIAM report
There are extensive out-of-box detection capabilities.
For more quotes and insights, download the Vectra AI report
reviewer2666148 - PeerSpot reviewerJitendra_Singh - PeerSpot reviewerreviewer2590284 - PeerSpot reviewerMohammad Alkurdi - PeerSpot reviewer
 

Categories and Ranking

Cortex XSIAM
Ranking in Identity Threat Detection and Response (ITDR)
6th
Ranking in AI-Powered Cybersecurity Platforms
7th
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
11
Ranking in other categories
Security Information and Event Management (SIEM) (17th)
Vectra AI
Ranking in Identity Threat Detection and Response (ITDR)
10th
Ranking in AI-Powered Cybersecurity Platforms
6th
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
44
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (3rd), Network Detection and Response (NDR) (2nd), Extended Detection and Response (XDR) (15th)
 

Mindshare comparison

As of April 2025, in the Identity Threat Detection and Response (ITDR) category, the mindshare of Cortex XSIAM is 5.7%, up from 1.7% compared to the previous year. The mindshare of Vectra AI is 1.4%, up from 0.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Identity Threat Detection and Response (ITDR)
 

Featured Reviews

Forrest Stevens - PeerSpot reviewer
A robust security operation that ensures achieving automation, stability, and scalability
There is room for improvement in some areas, and I would highlight three key aspects. Firstly, the Attack Surface Management (ASM) module could benefit from more contextual depth. Currently, it tends to provide a broad overview without enriched context, and there's room for enhancement in this regard. Secondly, further integration capabilities with various other software products that can seamlessly tie into Cortex XSIAM would be advantageous. This would enhance its versatility and interoperability within a broader ecosystem. Regarding performance, there's potential for optimization. When multiple tabs are open in Cortex XSIAM, it can experience slowdowns, leading to longer load times for web pages. It's worth noting that this isn't a severe issue, and it doesn't entail waiting for extended periods, but there is room for improvement in terms of performance optimization.
Read full review
Mohammad Alkurdi - PeerSpot reviewer
Innovative detection features enhance monitoring
The advantages of the integration are not entirely out-of-the-box. You have to do it manually. When I'm doing tier response, an out-of-the-box solution is not available. You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end. This is a major consideration about them. The recall feature, if it can be placed in some areas instead of the cloud, and charged for, would be better. Recall the storage where you watch all the traffic, and you can recall it and try to analyze it in the back end. It’s cloud-based. If they offer it on-prem, it would be better. I think they have a solution, but I have never tested it, to be honest with you.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Identity Threat Detection and Response (ITDR) solutions are best for your needs.
See recommendations
845,406 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
10%
Manufacturing Company
10%
Government
7%
Financial Services Firm
13%
Computer Software Company
13%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Cortex XSIAM?
It is an effective solution in terms of performance and functionalities.
See all answers
What is your experience regarding pricing and costs for Cortex XSIAM?
The product is very expensive. Additional integration and support are not provided by Cortex and must be purchased from partners. This adds to the cost and delays projects due to resource dependency.
See all answers
What needs improvement with Cortex XSIAM?
The standard integrations are very limited, and the integrations available are not listed in the marketplace. Obtaining validation for integrations from Palo Alto takes around eight months, which i...
See all answers
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
See all answers
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
See all answers
What is your experience regarding pricing and costs for Vectra AI?
It is very acceptable when you compare it with Darktrace, for example.
See all answers
 

Comparisons

Palo Alto Networks Cortex XSOAR vs Cortex XSIAM Logo
Palo Alto Networks Cortex XSOAR vs Cortex XSIAM
Compared 39% of the time
Microsoft Sentinel vs Cortex XSIAM Logo
Microsoft Sentinel vs Cortex XSIAM
Compared 15% of the time
Splunk SOAR vs Cortex XSIAM Logo
Splunk SOAR vs Cortex XSIAM
Compared 10% of the time
IBM Security QRadar vs Cortex XSIAM Logo
IBM Security QRadar vs Cortex XSIAM
Compared 10% of the time
CrowdStrike Falcon vs Cortex XSIAM Logo
CrowdStrike Falcon vs Cortex XSIAM
Compared 6% of the time
More Cortex XSIAM Competitors
Darktrace vs Vectra AI Logo
Darktrace vs Vectra AI
Compared 32% of the time
ExtraHop Reveal(x) vs Vectra AI Logo
ExtraHop Reveal(x) vs Vectra AI
Compared 11% of the time
Corelight vs Vectra AI Logo
Corelight vs Vectra AI
Compared 6% of the time
Cisco Secure Network Analytics vs Vectra AI Logo
Cisco Secure Network Analytics vs Vectra AI
Compared 6% of the time
Arista NDR vs Vectra AI Logo
Arista NDR vs Vectra AI
Compared 6% of the time
More Vectra AI Competitors
 

Product Reports

Buyer's Guide
Security Information and Event Management (SIEM)
March 2025
Cortex XSIAM reportDownload Cortex XSIAM product report
Buyer's Guide
Vectra AI
March 2025
Vectra AI reportDownload Vectra AI product report
 

Also Known As

No data available
Vectra Networks, Vectra AI NDR
 

Overview

Cortex XSIAM acts as a critical element for SOC foundations, integrating SIEM and EDR capabilities, valued for threat detection and seamless security orchestration with Palo Alto Networks products.

Organizations find Cortex XSIAM beneficial for SOC foundations due to its capability to integrate SIEM and EDR tools, facilitating data collection, detection, and response. It connects with third-party data sources while reducing management effort and offering cost-effective alternatives to competitors like CrowdStrike and Trend Micro. Featuring automation and integration with Palo Alto Networks products, Cortex XSIAM enhances threat detection. Unified architecture allows a comprehensive view of attacks, further supported by machine learning and integration with existing vendor solutions, ensuring that users gain insights without significant manual log analysis.

What are Cortex XSIAM's key features?

  • Security Orchestration: Streamlines processes across security operations.
  • Automation and Response: Efficient incident response management.
  • Detection Enrichment: Enhances identification of threats.
  • Centralized Endpoint Security: Comprehensive protection and monitoring of endpoints.
  • Forensic Investigation: Automated investigation to expedite threat analysis.

What benefits are evident in Cortex XSIAM reviews?

  • Cost-Effectiveness: Provides economical options compared to other market players.
  • Comprehensive Integration: Seamlessly integrates with multiple data sources and vendors.
  • Reduced Management Effort: Simplifies the administration of security operations.
  • Enhanced Threat Detection: Strengthens identification and remediation processes.

Industries implement Cortex XSIAM mainly in technology-driven sectors where centralized endpoint protection and automation of forensic investigation are paramount. By integrating several third-party systems for incident response, companies in competitive markets leverage its attributes for heightened operational security efficiency. However, users note areas for improvement, such as Attack Surface Management and integration enhancements, to better suit tech-heavy industries needing extensive connectivity with cybersecurity solutions.

Palo Alto Networks

Vectra AI is used for detecting network anomalies and potential malicious activities, providing visibility into network traffic and enhancing threat detection across environments.

Organizations deploy Vectra AI mainly on-premises with additional cloud components. It helps with compliance, incident response, security monitoring, detecting insider threats, and correlating network events. Vectra AI captures and enriches network metadata, provides detailed dashboards, reduces false positives, and supports cross-environment behavioral analysis to enhance threat detection and prioritization. While valued for its high accuracy and alert aggregation, it has room for improvement in UI/UX, packet management, and integration with SIEMs and other tools. It is noted for expensive pricing and limited proactive threat response features.

What are Vectra AI's most valuable features?
  • High accuracy in identifying threat locations
  • Aggregation of alerts into single incidents
  • 24/7 threat detection
  • Visibility into the entire attack lifecycle
  • Risk score aggregation
  • Effective triaging of alerts
  • Integration with other tools
What benefits or ROI should users look for?
  • Enhanced threat detection and prioritization
  • Comprehensive network visibility
  • Reduction in false positives
  • Better incident response capabilities
  • Improved compliance monitoring

In specific industries, Vectra AI is deployed to monitor complex networks and alleviate challenges in threat detection. It is particularly effective in sectors requiring stringent compliance and security measures, offering insights and capabilities crucial for protecting sensitive data and maintaining operational integrity.

Vectra AI
 

Sample Customers

Information Not Available
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Buyer's Guide
Cortex XSIAM vs. Vectra AI
March 2025
Free Report: Cortex XSIAM vs. Vectra AI
Find out what your peers are saying about Cortex XSIAM vs. Vectra AI and other solutions. Updated: March 2025.
DOWNLOAD NOW
845,406 professionals have used our research since 2012.
See our Cortex XSIAM vs. Vectra AI report.

We monitor all Identity Threat Detection and Response (ITDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.