No more typing reviews! Try our Samantha, our new voice AI agent.

Fortinet FortiEDR vs Tanium comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Fortinet FortiEDR
Ranking in Endpoint Detection and Response (EDR)
12th
Average Rating
8.0
Reviews Sentiment
6.2
Number of Reviews
40
Ranking in other categories
No ranking in other categories
Tanium
Ranking in Endpoint Detection and Response (EDR)
23rd
Average Rating
7.8
Reviews Sentiment
6.2
Number of Reviews
22
Ranking in other categories
Server Monitoring (3rd), Vulnerability Management (26th), Endpoint Protection Platform (EPP) (15th), Unified Endpoint Management (UEM) (8th)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Fortinet FortiEDR is 2.6%, down from 3.6% compared to the previous year. The mindshare of Tanium is 2.0%, down from 2.3% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Fortinet FortiEDR2.6%
Tanium2.0%
Other91.8%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Anoop K Jayan - PeerSpot reviewer
Web Relationship Manager (WRM) at Bharat Sanchar Nigam Limited
Has strengthened endpoint protection for on-premise networks and supported migration to Linux environments
What really stands out in Fortinet FortiEDR is that we are integrating it with some private clouds at the customer's premises with secure SD-WAN networks. I don't know how much it contributes to this SD-WAN network in the own premises cloud solution, but that is what we are doing. This is especially relevant for government projects where the SD-WAN solution is within their private network, not touching the Internet or any other access. Their first requirement is centralized management. Additionally, they need antivirus updates and other things to be done through a centralized platform within that private cloud. That is their requirement, and currently, we temporarily allow internet access, but it is not preferred. We are moving towards a complete air gap, providing full isolation from the internet for that. We have started to work with machine learning capabilities in Fortinet FortiEDR. We are not that well-versed yet, but we have begun using machine learning for intrusion detection and other purposes. Regarding forensic analysis in Fortinet FortiEDR, it is useful in understanding attack vectors because our projects are based on the voice side, such as cloud PBX solutions and call center management. There are media activities and many attacks coming from the outside, as well as vulnerabilities from endpoints. In those cases, we need detailed analysis through an AI platform to inspect how these attacks are coming. We also require a proactive protection mechanism, including an alarm system for threat detection before attacks occur.
MA
Division Manager, Information Technology at a legal firm with 51-200 employees
Centralized policies have improved remote endpoint control and have simplified data visibility
The integration is not simple and easy. It requires experienced users or people who have done the implementation. When certain policies are applied, they do not immediately push the policies. For example, we manage endpoint device USB access. We set a policy to block it, but it does not come into effect immediately. Sometimes it takes three or four days for it to reflect. That is a pain point. I have raised this issue with support as well, but they said that I need to limit the number of devices in the policy. In terms of application deployment, for us, it was seamless.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The biggest positive impact I see from Cortex XDR by Palo Alto Networks is a significant reduction in the number of people required to manage it."
"The stability is pretty good except for one or two cases, and based on the performance, it's been okay with pretty high performance, no bugs or glitches, and it doesn't crash or freeze."
"We can use Cortex XDR to get the entire graph of the incidents from source to destination, and we can take remedial action."
"Cortex XDR features advanced threat detection capabilities."
"The dashboard is customizable."
"From a single pane of glass, you can easily manage all of your endpoints."
"But overall, when we speak about security and protection, they are one of the top providers."
"The good thing about the product is that it's always scanning."
"For some organizations, FortiEDR is good enough, but for others, it's not, as it depends on the organization's infrastructure."
"Overall, we are quite happy with this product."
"Fortinet FortiEDR made our clients feel secure and more at ease, knowing that they had an EDR solution that would close the gap in their security posture."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"What really stands out in Fortinet FortiEDR is that we are integrating it with some private clouds at the customer's premises with secure SD-WAN networks."
"Ability to get forensics details and also memory exfiltration."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"I like the tool's incident response and security patching."
"The solution is scalable and helps to understand how infrastructure works. It helps to improve the health of the organization."
"Threat hunting is a very good feature on Tanium. We have just started using it and have not used it extensively."
"I'm not so familiar with the tool but I like the interaction of the console to the picture. Patching is the primary model I have been focusing on for the last couple of weeks. So I have created a proof of concept environment and have been checking the available features."
"I like the fact that you can create patching campaigns depending on the area of your network that you want to address first. I like the ability it has to make several campaigns that work in parallel."
"For incident response tasks, all these tasks can get done in minutes with minimal disruption to the end-user."
"Tanium's most valuable features are patch management, inventory, and distribution software."
"Tanium's most valuable feature is its instant discovery aspect."
 

Cons

"Cortex XDR by Palo Alto Networks could improve its user interface, which is more complicated compared to competitors such as SentinelOne."
"It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc."
"A better pricing plan would make this product more competitive."
"This product has not improved my organization - in fact, we are in the process of moving back to another product as a result of Cortex's horrible impact on system performance."
"Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth."
"The solution eats memory of the computer, unlike anything I've ever seen."
"If Palo Alto reduces the pricing slightly for their products, it would make them more scalable in markets such as India and globally for cybersecurity."
"The solution could improve by providing better integration with their own products and others."
"ZTNA can improve latency."
"The support needs improvement."
"We'd like to be able to put this on our mobile devices and make secure connections to our network."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"When I implemented FortiEDR, it identified Cisco AnyConnect VPN as malicious data, which led to the VPN being cut off. Consequently, people could not work remotely from home."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"They could improve the UI."
"Tanium’s scalability could be improved."
"The solution lacks mobility."
"The problem or challenge is a pre-sales and go-to strategy for the SMB market delivered through a channel or model. It's very convoluted and vague, which leads to some confusion about the various types of modules, and the device-to-seat cost is extremely difficult to calculate."
"It is not really additional functions, or the features that are needed, rather the complexity would be reduced based on the number of modules required to put together a comprehensive operational security and risk compliance model."
"The performance could improve in future releases. We have had performance issues in specialized web environments, but overall I think the problems are less than 2% of the computer systems being used."
"There are downsides and drawbacks in Tanium, and there is room for improvement from my perspective."
"When working with Tanium, there are some older devices that haven't been patched for a long time, and certain patches are not included in Tanium. I have to search outside to download patches, create bundles, and then perform the task."
 

Pricing and Cost Advice

"It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable."
"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
"It's the most expensive solution, but features-wise, it's quite strong. It's very good for protection, so the results are very good in the case of protection. I would rate it a two out of ten in terms of pricing."
"We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."
"It's about $55 per license on a yearly basis."
"I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."
"This is an expensive solution."
"The price was fine."
"It's not cheap, but it's not expensive either."
"The solution is not expensive."
"Fortinet FortiEDR has a yearly subscription."
"It's moderately priced, neither cheap nor expensive."
"The pricing is typical for enterprises and fairly priced."
"While the cost may have been high, we view it as a worthwhile investment due to Fortinet's reliability and long-term performance."
"I'm not familiar with pricing, but it looks a bit costly compared to other vendors I think."
"The price is comprable to other endpoint security solutions."
"Tanium is a more expensive solution in Latin America than some of the competitors, such as BigFix."
"It is higher than some competitors in the market."
"There is an annual license required to use this solution."
"It's an expensive solution. It would be nice if the cost were lower."
"The solution offers value for money."
"The product's pricing differs from region to region depending on negotiations and the number of endpoints."
"The solution is expensive but it's a good investment."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
904,836 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Manufacturing Company
10%
Computer Software Company
9%
Outsourcing Company
8%
Comms Service Provider
8%
Financial Services Firm
14%
Government
10%
Manufacturing Company
9%
Healthcare Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business20
Midsize Enterprise9
Large Enterprise14
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise3
Large Enterprise12
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What's the difference between Fortinet's FortiEDR and FortiClient?
I suggest Fortinet’s FortiEDR over FortiClient for several reasons. For starters, FortiEDR guarantees solid protectio...
What is your experience regarding pricing and costs for Fortinet FortiEDR?
The pricing is moderate; I cannot label it as cheap, but it is moderate compared to other main solutions.
What needs improvement with Fortinet FortiEDR?
I will have my team provide more details about disadvantages via email later.
What needs improvement with Tanium?
While there is always room for improvement, I am pleased with Tanium.
What is your primary use case for Tanium?
The primary use case for Tanium ( /products/tanium-reviews ) is compliance, patching, and inventory as part of the co...
What advice do you have for others considering Tanium?
For smaller companies, Tanium is quite a big investment, and one needs to have a considerable setup to make it econom...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
enSilo, FortiEDR
Tanium Inc Cloud, Tanium XEM
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Financial, Healthcare, Legal, Technology, Enterprise, Manufacturing ... 
JPMorgan Chase, eBay, Amazon, US Bank, MetLife, pwc, Cerner, Delphi, MGM Grand, New York Life
Find out what your peers are saying about Fortinet FortiEDR vs. Tanium and other solutions. Updated: June 2026.
904,836 professionals have used our research since 2012.