Try our new research platform with insights from 80,000+ expert users

Palo Alto Networks Advanced Threat Prevention vs Vectra AI comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 19, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Palo Alto Networks Advanced...
Ranking in Intrusion Detection and Prevention Software (IDPS)
6th
Average Rating
8.6
Reviews Sentiment
6.9
Number of Reviews
26
Ranking in other categories
No ranking in other categories
Vectra AI
Ranking in Intrusion Detection and Prevention Software (IDPS)
3rd
Average Rating
8.6
Reviews Sentiment
7.1
Number of Reviews
44
Ranking in other categories
Network Detection and Response (NDR) (2nd), Extended Detection and Response (XDR) (15th), Identity Threat Detection and Response (ITDR) (10th), AI-Powered Cybersecurity Platforms (6th)
 

Mindshare comparison

As of April 2025, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Palo Alto Networks Advanced Threat Prevention is 7.4%, down from 8.0% compared to the previous year. The mindshare of Vectra AI is 11.3%, up from 10.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

Carlos Bracamonte - PeerSpot reviewer
Robust, reliable, simple to install and good technical support
We are attempting to improve the use of URL filtering beyond threat protection. I'm not sure what the remaining threat protection features are off the top of my head. But beyond that, we use URL filtering. We have three approved cases for using external dynamic lists that are stored in a bucket repository. Then, for each URL site that needs to be whitelisted, we add it to the external dynamic list in order to gain access to this email. I would like Wildfire to be implemented. We use the equivalent in Cisco is the integration policies. We have the Wildfire but we are not currently implementing it. We don't have the license to use it, but we are not currently implementing it until we present the use cases that the company gives some value to and they approve the use of it.
Mohammad Alkurdi - PeerSpot reviewer
Innovative detection features enhance monitoring
The advantages of the integration are not entirely out-of-the-box. You have to do it manually. When I'm doing tier response, an out-of-the-box solution is not available. You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end. This is a major consideration about them. The recall feature, if it can be placed in some areas instead of the cloud, and charged for, would be better. Recall the storage where you watch all the traffic, and you can recall it and try to analyze it in the back end. It’s cloud-based. If they offer it on-prem, it would be better. I think they have a solution, but I have never tested it, to be honest with you.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The user interface is a bit more professional than some free products."
"Edge protection is a valuable feature."
"With the IP address flag, I was able to see that I was being hacked. The moment there was an interaction between somebody on my network and that IP, the solution was able to flag it, and we were able to protect ourselves."
"It effectively prevents malware, ransomware, and other attacks."
"Palo Alto Networks Threat Prevention is the market leader as far as security gateways and endpoint protection. Additionally, the threat database that is used is one of the best."
"The stability of Palo Alto Networks Threat Prevention is good."
"One of the most valuable features is the anti-malware protection."
"The most valuable feature of Palo Alto Threat Prevention for our company is the next generation firewall."
"It's important for us that the user interface is easy to understand and that is the biggest benefit we see from Vectra AI."
"Vectra AI helped our team be more productive and save time. We have less work thanks to it."
"The automatic filtering that they provide is valuable. The logic inside that makes some detections instead of us is very useful. We are confident that if we are just looking into it and there is nothing, nothing could happen."
"The dashboard gives me a scoring system that allows me to prioritize things that I should look at. I may not necessarily care so much about one event, whereas if I have a single botnet detection or a brute force attack, I really want to get on top of those."
"One of the most valuable features of the platform is its ability to provide you with aggregated risk scores based on impact and certainty of threats being detected. This is both applied to individual and host detections. This is important because it enables us to use this platform to prioritize the most likely imminent threats. So, it reduces alert fatigue follow ups for security operation center analysts. It also provides us with an ability to prioritize limited resources."
"It gives you access, with Recall, to instant visibility into your network through something like a SIEM solution. For us, being able to correlate all of this network data without having to manage it, has provided immediate value. It gives us the ability to really work on the stuff where I and my team have expertise, instead of having to manage a SIEM solution..."
"Vectra is very compatible with various cloud providers, such as Amazon and Azure AD. This is helpful as customers often migrate their network infrastructure to the cloud."
"It's easy to manage, and I love the UX. It's very well designed. When we are looking for something, it's quite easy to find it."
 

Cons

"The initial setup is complex."
"Palo Alto's maintenance needs to be improved."
"The solution could benefit from improved AI analytics to predict potential attacks before they occur, similar to NDR systems."
"The solution needs to improve its local technical support services. There is no premium support offered in our market."
"Sometimes when you want to group a set of ports, and communicate with Palo Alto, you cannot group TCP and UDP ports together. This needs to be adjusted."
"It's not so easy to set up a test environment, because it's not so easy to get the test license. The vendor only gives you 90 days for a test license; it's a tough license to get."
"The price of licenses should be lowered to make it less costly to scale our solution."
"The pricing has improved with the newer generation of their Firewalls, but the price could always be lower. In comparison with other solutions, I believe they're quite competitive."
"We had another product with Vectra AI and used the MDR solution as an add-on. Initially, it wasn't fully appropriately configured, so we didn't get the expected results. Even once configured correctly, we weren't fully satisfied with its response. The issue was both with their service response and the product's capabilities."
"Integration with other security components needs improvement. It should have true integration as opposed to just being a separate pane of glass."
"What is most important for us is to have one place where we can manage a few brains because we are based on a zero-trust network. As a result, each customer needs to have a separate brain. For the SOC team, we need to have one place where the SOC analyst can go to visit the website and from that site manage all of the customers. Right now, Vectra AI doesn't have this capability, and I would really like to have this feature."
"One of the things that we are missing a bit is the capability to add our own rules to it. At the moment, the tech engine does its thing, but we have some cool ideas to make additional rules. There should be an option in the platform to add custom rules, or there should be some kind of user group where we can suggest them for the roadmap and see if they get evaluated and get transparent communication on whether they will be implemented in the product or not."
"The reporting from Cognito Detect is very limited and doesn't give you too many options. If I want to prepare a customized report on a particular host, even though I see the data, I have to manually prepare the report. The reporting features that are built into the tool are not very helpful."
"Neither Vectra nor Darktrace have a function like a status health check on my log sources and traffic sources."
"We have had a few issues with the integration of Vectra AI with EDR. Some filters have not been working. We've also had issues with the brain not being powerful enough."
"Some of their integrations with other sources of data, like external threat feeds, took a bit more work than I had hoped to get integrated."
 

Pricing and Cost Advice

"The product’s pricing is expensive for small companies."
"It is an expensive solution and I would like to see a drop in price."
"The pricing could be lower."
"Palo Alto Networks Advanced Threat Prevention is quite competitive, offering extensive threat detection and prevention capabilities, though it is priced higher than some alternatives."
"Palo Alto Networks Threat Prevention could improve by having consistent pricing at system levels."
"If you want to have all of the good features then you have to pay extra for licensing."
"There is an initial, expensive investment but the return is good."
"From one to ten, with one being the most expensive, I would rate the pricing of Palo Alto Networks Threat Prevention a one out of ten. It is my understanding that Palo Alto Networks Threat Prevention is the most expensive one."
"Vectra AI's pricing is cheaper than that of Darktrace."
"The pricing is high."
"Vectra's licensing model could scale to our research network, which has multiple, 100-gigabit links."
"The pricing and licensing are quite straightforward because they're based on the IP licenses. As a result, they are easy to count."
"Vectra AI is not a cheap solution."
"Vectra's pricing is too high. All schools will not be able to afford it. Vectra will only end up targeting higher education and higher value independence purely because of the price. A lot of schools would love to have a product like Vectra AI, but they simply can't because they struggle to even pay the high E5 licensing from Microsoft. When you're up against that, Vectra AI is never going to be within the sector's price range."
"The solution is low-cost and affordable."
"It's relatively on the pricier side, but when compared to other solutions. It's not the most budget-friendly option, but it can be considered somewhat more cost-effective in comparison to other alternatives."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
11%
Manufacturing Company
10%
Government
9%
Financial Services Firm
13%
Computer Software Company
13%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?
Arbor would be the best bid, apart from Arbor, Palo Alto and Fortinet have good solutions. As this is an ISP, I would prefer Arbor.
What is your experience regarding pricing and costs for Palo Alto Networks Threat Prevention?
The pricing is competitive, and with current campaigns and discounts, it provides an excellent device for a reasonable price.
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
What is your experience regarding pricing and costs for Vectra AI?
It is very acceptable when you compare it with Darktrace, for example.
 

Also Known As

No data available
Vectra Networks, Vectra AI NDR
 

Overview

 

Sample Customers

University of Arkansas, JBG SMITH, SkiStar AB, TRI-AD, Temple University, Telkom Indonesia
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Find out what your peers are saying about Palo Alto Networks Advanced Threat Prevention vs. Vectra AI and other solutions. Updated: March 2025.
844,944 professionals have used our research since 2012.