No more typing reviews! Try our Samantha, our new voice AI agent.

Fortinet FortiEDR vs Tanium comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Fortinet FortiEDR
Ranking in Endpoint Detection and Response (EDR)
12th
Average Rating
8.0
Reviews Sentiment
6.2
Number of Reviews
40
Ranking in other categories
No ranking in other categories
Tanium
Ranking in Endpoint Detection and Response (EDR)
23rd
Average Rating
7.8
Reviews Sentiment
6.2
Number of Reviews
22
Ranking in other categories
Server Monitoring (3rd), Vulnerability Management (26th), Endpoint Protection Platform (EPP) (15th), Unified Endpoint Management (UEM) (8th)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Fortinet FortiEDR is 2.6%, down from 3.6% compared to the previous year. The mindshare of Tanium is 2.0%, down from 2.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Fortinet FortiEDR2.6%
Tanium2.0%
Other91.8%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Anoop K Jayan - PeerSpot reviewer
Web Relationship Manager (WRM) at Bharat Sanchar Nigam Limited
Has strengthened endpoint protection for on-premise networks and supported migration to Linux environments
What really stands out in Fortinet FortiEDR is that we are integrating it with some private clouds at the customer's premises with secure SD-WAN networks. I don't know how much it contributes to this SD-WAN network in the own premises cloud solution, but that is what we are doing. This is especially relevant for government projects where the SD-WAN solution is within their private network, not touching the Internet or any other access. Their first requirement is centralized management. Additionally, they need antivirus updates and other things to be done through a centralized platform within that private cloud. That is their requirement, and currently, we temporarily allow internet access, but it is not preferred. We are moving towards a complete air gap, providing full isolation from the internet for that. We have started to work with machine learning capabilities in Fortinet FortiEDR. We are not that well-versed yet, but we have begun using machine learning for intrusion detection and other purposes. Regarding forensic analysis in Fortinet FortiEDR, it is useful in understanding attack vectors because our projects are based on the voice side, such as cloud PBX solutions and call center management. There are media activities and many attacks coming from the outside, as well as vulnerabilities from endpoints. In those cases, we need detailed analysis through an AI platform to inspect how these attacks are coming. We also require a proactive protection mechanism, including an alarm system for threat detection before attacks occur.
MA
Division Manager, Information Technology at a legal firm with 51-200 employees
Centralized policies have improved remote endpoint control and have simplified data visibility
The integration is not simple and easy. It requires experienced users or people who have done the implementation. When certain policies are applied, they do not immediately push the policies. For example, we manage endpoint device USB access. We set a policy to block it, but it does not come into effect immediately. Sometimes it takes three or four days for it to reflect. That is a pain point. I have raised this issue with support as well, but they said that I need to limit the number of devices in the policy. In terms of application deployment, for us, it was seamless.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cortex XDR features advanced threat detection capabilities."
"We use it for malicious connections from malicious websites, to identify payloads that might be inside the traffic, to identify malicious processes or bugs that are running on the network, and any activities that tend to lead to data infiltration."
"Cortex XDR can integrate the firewalls and determine the tendencies of the attacks. It's a new generation antivirus, with protection endpoints and detection response. It is very easy to use and everybody can operate the solution."
"We use Cortex XDR by Palo Alto Networks for its ability to detect based on behavior rather than simple virus scan to prevent malicious activities."
"Cortex XDR by Palo Alto Networks is specifically designed to prevent zero-day attacks and is part of an ecosystem of Palo Alto, providing customers with a long-term vision to modify and redesign how security is applied in their company."
"The scalability of Cortex XDR by Palo Alto Networks is very good."
"The solution helps find bugs, and it is safe to use to prevent attacks by hackers."
"Traps is quite a stable product. Once it was properly deployed and configured, you have nothing to be worried about."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Forensics is a valuable feature of Fortinet FortiEDR."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"The product's initial setup phase is very easy."
"The setup is pretty simple."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"I get alerts when scripts are detected in the environment."
"Overall, we are quite happy with this product."
"I like the tool's incident response and security patching."
"The most valuable features of this solution are the consolidation of all historical data on device endpoints, security drivers, firmware, and Software version gaps."
"Tanium's most valuable features are patch management, inventory, and distribution software."
"Tanium's most valuable feature is its instant discovery aspect."
"The interrogation piece was the most valuable feature because it was very detailed."
"Tanium is highly scalable."
"I like the fact that you can create patching campaigns depending on the area of your network that you want to address first. I like the ability it has to make several campaigns that work in parallel."
"I'm not so familiar with the tool but I like the interaction of the console to the picture. Patching is the primary model I have been focusing on for the last couple of weeks. So I have created a proof of concept environment and have been checking the available features."
 

Cons

"I feel that it should not be a licensed activity because a feature should allow us to see applications running on end devices."
"The encryption is not up to the mark."
"The solution could improve by providing better integration with their own products and others."
"There are some false positives. What our guys would have liked is that it would have been easier to manipulate as soon as they found a false positive that they knew was a false positive. How to do so was not obvious. Some people complained about it. The interface, the ESM, is not user-friendly."
"The GUI could be improved."
"Every 30 or 40 days, there's a new version and we need to go and make sure our customer's laptops are upgraded."
"Palo Alto Networks Cortex XDR does not detect malicious activity like in other anti-virus solutions like Trend Micro and Windows with Cisco."
"Cortex XDR could improve its sales support team, including better commission structures and referral programs."
"The solution should address emerging threats like SQL injection."
"Making the portal mobile friendly would be helpful when I am out of office."
"We'd like to see more one-to-one product presentations for the distribution channels."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"In smaller markets like Serbia, Bosnia, Montenegro, and Slovenia, it can be challenging to find customers with 500 endpoints. My suggestion to Fortinet would be to lower this minimum order quantity to one."
"Everything with Fortinet having to do with their cloud services. They need to invest more in their internal infrastructure that they are running in the cloud. One of the things I find with their cloud environment compared to others' is that they go cheap on the equipment. So it causes some performance degradation."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"It is not really additional functions, or the features that are needed, rather the complexity would be reduced based on the number of modules required to put together a comprehensive operational security and risk compliance model."
"The most painful thing is the interface. It's a bit unclear sometimes."
"The performance could improve in future releases. We have had performance issues in specialized web environments, but overall I think the problems are less than 2% of the computer systems being used."
"Tanium required local admin or root rights on Mac devices, which did not comply with our security policies. This made the solution less suitable for our restrictive environment."
"The main issues are the network connection because different customers have issues with their networks. It's difficult implementing this type of solution because the network is the main feature in the architecture for these types of solutions. Tanium could improve by creating some network optimization."
"Tanium's limitations should be improved because although it is a great tool, it is limited to only a few classes during a session."
"I would like to have more integrations and custom plugins to input. Integration is always a big deal in a lot of different environments."
"Any movement into a SaaS solution has challenges since the processes and data flows are not well defined. Hence, you need to build it at the same time."
 

Pricing and Cost Advice

"Compared to CrowdStrike, Cortex XDR is an expensive solution."
"Cortex XDR’s pricing is very reasonable."
"Cortex XDR's pricing is ok."
"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
"Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
"Very costly product."
"It has reasonable pricing for the use cases it provides to the company."
"The price of the product is not very economical."
"The pricing is typical for enterprises and fairly priced."
"There are no issues with the pricing."
"I'm not familiar with pricing, but it looks a bit costly compared to other vendors I think."
"I would rate the solution's pricing an eight out of ten."
"It's moderately priced, neither cheap nor expensive."
"We got a good deal on licensing, so it is in the competitive range."
"The hardware costs about €100,000 and about €20,000 annually for access."
"The solution is not expensive."
"The solution is expensive but it's a good investment."
"The product's pricing differs from region to region depending on negotiations and the number of endpoints."
"It's an expensive solution. It would be nice if the cost were lower."
"Tanium is a more expensive solution in Latin America than some of the competitors, such as BigFix."
"The solution offers value for money."
"There is an annual license required to use this solution."
"It is higher than some competitors in the market."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
903,807 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
11%
Comms Service Provider
9%
Manufacturing Company
10%
Computer Software Company
9%
Comms Service Provider
8%
Financial Services Firm
7%
Financial Services Firm
14%
Government
11%
Manufacturing Company
9%
Healthcare Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise9
Large Enterprise14
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise3
Large Enterprise12
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What's the difference between Fortinet's FortiEDR and FortiClient?
I suggest Fortinet’s FortiEDR over FortiClient for several reasons. For starters, FortiEDR guarantees solid protectio...
What is your experience regarding pricing and costs for Fortinet FortiEDR?
The pricing is moderate; I cannot label it as cheap, but it is moderate compared to other main solutions.
What needs improvement with Fortinet FortiEDR?
I will have my team provide more details about disadvantages via email later.
What needs improvement with Tanium?
While there is always room for improvement, I am pleased with Tanium.
What is your primary use case for Tanium?
The primary use case for Tanium ( /products/tanium-reviews ) is compliance, patching, and inventory as part of the co...
What advice do you have for others considering Tanium?
For smaller companies, Tanium is quite a big investment, and one needs to have a considerable setup to make it econom...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
enSilo, FortiEDR
Tanium Inc Cloud, Tanium XEM
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Financial, Healthcare, Legal, Technology, Enterprise, Manufacturing ... 
JPMorgan Chase, eBay, Amazon, US Bank, MetLife, pwc, Cerner, Delphi, MGM Grand, New York Life
Find out what your peers are saying about Fortinet FortiEDR vs. Tanium and other solutions. Updated: June 2026.
903,807 professionals have used our research since 2012.