Try our new research platform with insights from 80,000+ expert users

D3 Security vs Palo Alto Networks Cortex XSOAR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 5, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

D3 Security
Ranking in Security Orchestration Automation and Response (SOAR)
19th
Average Rating
9.0
Reviews Sentiment
7.5
Number of Reviews
2
Ranking in other categories
Security Incident Response (8th)
Palo Alto Networks Cortex X...
Ranking in Security Orchestration Automation and Response (SOAR)
2nd
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
46
Ranking in other categories
SOC as a Service (2nd)
 

Mindshare comparison

As of April 2025, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of D3 Security is 0.4%, down from 0.5% compared to the previous year. The mindshare of Palo Alto Networks Cortex XSOAR is 11.0%, down from 12.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

Muhammad Aamir Riaz - PeerSpot reviewer
Useful for automation and reporting and has open API for seamless integration
It was easy to integrate the tool with our infrastructure because all the APIs are pre-built. We just created a drag-and-drop prompt to integrate the solution with our infrastructure. I rate the overall solution a ten out of ten. Everyone needs to evaluate this solution according to their organization's needs because it can integrate well, but this depends on the technology you already have in your organization. It is an automation tool for detection and response, and while integration is possible, using legacy products could create issues. Some legacy products are closed systems and do not expose their APIs to other vendors. In such cases, you could run into problems. If you are considering this solution, check which APIs are available before you proceed. Otherwise, you may get the solution, but you must spend time on integrations. They provide integration support, but it's not automatic; it will take time.
NikhilSharma2 - PeerSpot reviewer
Ability to multiple playbooks to fetch data from multiple firewalls and utomated several tasks, including vulnerability scans and SOCL (Security Orchestration, Automation
Recently, they started implementing microservices in XSOAR, which has improved quality and addressed previous issues. However, they should focus more on licensing costs. The user licensing fees are quite high. For example, I received a quote for XSOAR, and it was $12,000 per user per year. If you have a SOC team of 30 members/analysts, you're looking at a substantial expense. They should consider reducing these costs since this high pricing seems to be more about profit. So, there is room for improvement in the pricing. Moreover, the reporting and dashboard features are decent but could be improved. The user interface (UI) is quite heavy and takes time to load, which is a major drawback.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution's valuable feature is its GUI. It has more than 450 connectors, which are excellent for connecting devices and automating integration. The solution has all the features we need. We deployed it in our environment, and it's fully integrated. Thanks to their open APIs, the seamless integration makes everything work well together."
"It is an out-of-the-box automated integration with our 20 departments. We perform L1 LiveOps automatically through the portal."
"It is a scalable solution."
"The repository of playbooks and the integration between Palo Alto and IBM QRadar are some useful features"
"The most valuable features of Cortex XSOAR include its vast library of plugins, which allow us to integrate various tools and solutions seamlessly."
"The Palo Alto ecosystem has a marketplace offering integration with Sentinel or other products."
"Many different playbooks are available and can be customized."
"It is a scalable solution."
"We use the solution to automate our SIEM tools and incidents."
"The solution provides threat intelligence with EDR."
 

Cons

"Reporting needs improvement. MTTR and MTTD metrics aren't directly available in playbooks and require manual effort to achieve."
"The reporting, especially custom reporting, needs to be improved. Additionally, it would be better if it could be hosted on Linux."
"The user interface could be a bit better."
"It is been decommissioned by Palo Alto."
"It doesn't offer automatic internet reports out of the box."
"There should be an on-premise version available for customers to have different choices."
"Corex XSOAR could be improved by reducing the time it takes to process large amounts of data and increasing the number of integrations."
"I would love to see more flexibility on what we can display and design on the dashboards."
"We need a little hands-on experience to install the solution."
"The solution should be made a bit cheaper."
 

Pricing and Cost Advice

Information not available
"The solution's cost is high."
"There is a perception that it is priced very high compared to other solutions."
"The pricing is fair. The pricing reflects the value and feature set it offers."
"The solution's cost is reasonable."
"My company did not make any payments towards the licensing costs attached to the product since we were only using its pilot version."
"It is expensive."
"The price of Palo Alto Networks Cortex XSOAR is comparable to other solutions in the market."
"Palo Alto offers significant discounts to customers who purchase the products repeatedly."
report
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
849,335 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
28%
Financial Services Firm
14%
Comms Service Provider
10%
Outsourcing Company
8%
Financial Services Firm
15%
Computer Software Company
13%
Manufacturing Company
9%
Government
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about D3 Security?
It is an out-of-the-box automated integration with our 20 departments. We perform L1 LiveOps automatically through the portal.
What is your experience regarding pricing and costs for D3 Security?
We follow a different procurement process. For example, Fortinet qualified technically but lost out in the financial stage due to a two-stage bidding process. So, pricing can be subjective and depe...
What needs improvement with D3 Security?
The reporting, especially custom reporting, needs to be improved. Additionally, it would be better if it could be hosted on Linux.
What is your experience regarding pricing and costs for Palo Alto Networks Cortex XSOAR?
Even though customers often comment on the price, the potential savings come from managing a large number of security events with a limited number of analysts. This leads to economic advantages des...
What needs improvement with Palo Alto Networks Cortex XSOAR?
The complexity of Cortex XSOAR has a trade-off with its versatility. The product can be tailored for each deployment to respond to specific customer needs, and this complexity may be seen as a down...
 

Also Known As

No data available
Demisto Enterprise, Cortex XSOAR, Demisto
 

Interactive Demo

Demo not available
 

Overview

 

Sample Customers

S&P Global, Scotiabank, Cybereason, Cummins
Cellcom Israel, Blue Cross and Blue Shield of Kansas City, esri, Cylance, Flatiron Health, Veeva, ADT Cybersecurity
Find out what your peers are saying about D3 Security vs. Palo Alto Networks Cortex XSOAR and other solutions. Updated: April 2025.
849,335 professionals have used our research since 2012.