Palo Alto Networks Advanced Threat Prevention vs Vectra AI comparison

Palo Alto Networks Advanced...

Read 44 Vectra AI reviews

5,364 Views
2,737 Comparison Views

97% willing to recommend

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Dec 19, 2024

Vectra AI and Palo Alto Networks Advanced Threat Prevention are leaders in cybersecurity solutions. Palo Alto Networks seems to have an advantage with its comprehensive integration capabilities and user appreciation for its protective features.

Features: Vectra AI uses AI and machine learning to reduce alerts and correlate threats with hosts, providing deep security insights with network metadata capture. It assists in risk score aggregation, helping SOC analysts prioritize threats. Palo Alto Networks Advanced Threat Prevention offers integration with other Palo Alto tools, enhancing malware detection, traffic inspection, and application behavior checking with signature-based prevention.

Room for Improvement: Vectra AI experiences integration challenges with third-party systems, such as SIEM, and requires better management of false positives and threat context. Palo Alto Networks can improve its IPS capabilities and simplify its complex licensing models, as well as expanding email protection features.

Ease of Deployment and Customer Service: Vectra AI offers flexible deployment across on-premises, cloud, and hybrid environments, receiving praise for its responsive technical support, albeit with reliance on specific key personnel. Palo Alto Networks provides similar deployment options and is recognized for its robust customer service, characterized by quick responses and problem-solving.

Pricing and ROI: Vectra AI, while costly, provides value by reducing threat response times, offering ROI as efficient security operations. Its pricing can be prohibitive for some. Palo Alto is also expensive, but its extensive capabilities and scalability cater well to larger enterprises, with ROI seen in preempting attacks and optimizing security measures.

To learn more, read our detailed Palo Alto Networks Advanced Threat Prevention vs. Vectra AI Report (Updated: March 2025).

Palo Alto Networks Advanced Threat Prevention vs. Vectra AI

Download the complete report

Helped 842,466 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Palo Alto Networks Advanced...

Ranking in Intrusion Detection and Prevention Software (IDPS)

7th

Average Rating

8.6

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

No ranking in other categories

Vectra AI

Ranking in Intrusion Detection and Prevention Software (IDPS)

2nd

Average Rating

8.6

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Network Detection and Response (NDR) (2nd), Extended Detection and Response (XDR) (9th), Identity Threat Detection and Response (ITDR) (5th), AI-Powered Cybersecurity Platforms (4th)

Mindshare comparison

As of March 2025, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Palo Alto Networks Advanced Threat Prevention is 7.5%, down from 8.1% compared to the previous year. The mindshare of Vectra AI is 11.5%, up from 10.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Intrusion Detection and Prevention Software (IDPS)

Featured Reviews

Carlos Bracamonte

Senior Network Support Engineer at Amadeus

Robust, reliable, simple to install and good technical support

We are attempting to improve the use of URL filtering beyond threat protection. I'm not sure what the remaining threat protection features are off the top of my head. But beyond that, we use URL filtering. We have three approved cases for using external dynamic lists that are stored in a bucket repository. Then, for each URL site that needs to be whitelisted, we add it to the external dynamic list in order to gain access to this email. I would like Wildfire to be implemented. We use the equivalent in Cisco is the integration policies. We have the Wildfire but we are not currently implementing it. We don't have the license to use it, but we are not currently implementing it until we present the use cases that the company gives some value to and they approve the use of it.

Read full review

Mohammad Alkurdi

Owner at Fortibits

Innovative detection features enhance monitoring

The advantages of the integration are not entirely out-of-the-box. You have to do it manually. When I'm doing tier response, an out-of-the-box solution is not available. You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end. This is a major consideration about them. The recall feature, if it can be placed in some areas instead of the cloud, and charged for, would be better. Recall the storage where you watch all the traffic, and you can recall it and try to analyze it in the back end. It’s cloud-based. If they offer it on-prem, it would be better. I think they have a solution, but I have never tested it, to be honest with you.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"The most valuable features are the simplicity, transparency, and overall ease of management."

"The initial setup was straightforward. It's quite easy. Deployment took one to two weeks."

"One of the most valuable features is the anti-malware protection."

"Everything has been okay with the solution. We are using all of the features."

"You can scale the product."

"Palo Alto Networks Threat Prevention is the market leader as far as security gateways and endpoint protection. Additionally, the threat database that is used is one of the best."

"The stability of Palo Alto Networks Threat Prevention is good."

"The most valuable features are that it's user-friendly, has interesting features, URL filtering, and threat prevention."

More Palo Alto Networks Advanced Threat Prevention pros

"The automatic filtering that they provide is valuable. The logic inside that makes some detections instead of us is very useful. We are confident that if we are just looking into it and there is nothing, nothing could happen."

"The core product provides excellent visibility, but my favorite feature is Vectra Recall."

"There are many detection features available."

"The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable."

"We often use the new feature to create PCAP files from the whole data traffic. It makes it much easier to find network problems such as whether the server is responding to a request. It has nothing to do with security, but it helps a lot to find other problems."

"It gives you access, with Recall, to instant visibility into your network through something like a SIEM solution. For us, being able to correlate all of this network data without having to manage it, has provided immediate value. It gives us the ability to really work on the stuff where I and my team have expertise, instead of having to manage a SIEM solution..."

"It is doing some artificial intelligence. If it sees a server doing a lot of things, then it will assume that is normal. So, it is looking for anomalous behavior, things that are out of context which helps us reduce time. Therefore, we don't have to look in all the logs. We just wait for Vectra to say, "This one is behaving strange," then we can investigate that part."

"The packet-capturing feature is very useful."

More Vectra AI pros

Cons

"Palo Alto Networks Threat Prevention could improve the commercial offing. Other solutions, such as Fortinet provide better commercial features."

"The organization mail security solutions could be improved. There is no mail security solution available."

"Palo Alto's maintenance needs to be improved."

"Mission learning techniques should continue to expand and detect unknown threats on the fly."

"In terms of what needs improvement, the only thing I don't like is the support."

"The solution could benefit from improved AI analytics to predict potential attacks before they occur, similar to NDR systems."

"The cost involves the price of the hardware, which is expensive. However, most of the Palo Alto solutions are expensive."

"The application’s pricing and dashboard need improvement. It could be user-friendly."

More Palo Alto Networks Advanced Threat Prevention cons

"There could be an option where Vectra manages the solution remotely, and when there is an attack, there could be a notification center to give us information about the attack."

"One of the things I am not so happy about when it comes to Vectra is the scoring board."

"ExtraHop has better features that seem more advantageous when compared to Vectra."

"We have had a few issues with the integration of Vectra AI with EDR. Some filters have not been working. We've also had issues with the brain not being powerful enough."

"Neither Vectra nor Darktrace have a function like a status health check on my log sources and traffic sources."

"One area where there's room for improvement is the absence of a comprehensive TCP recording and replay feature."

"The solution's marketing is not good."

"We have a lot of system solutions and integrations with system solutions. Vectra is a type of black box. It implements AI-informed detection mechanisms, but we cannot create system detections. I understand that the product is designed this way, but it would be great if we could create our own detections as well."

More Vectra AI cons

Pricing and Cost Advice

"It's not too expensive."

"The pricing could be lower."

"If you want to have all of the good features then you have to pay extra for licensing."

"From one to ten, with one being the most expensive, I would rate the pricing of Palo Alto Networks Threat Prevention a one out of ten. It is my understanding that Palo Alto Networks Threat Prevention is the most expensive one."

"The pricing and the licensing are pretty competitive at this stage. As a reseller, I would like to see the price come down a little bit so I can compete better against other firewalls because we do that all the time."

"The product’s pricing is expensive for small companies."

"There is an initial, expensive investment but the return is good."

"Palo Alto Networks Threat Prevention could improve by having consistent pricing at system levels."

More Palo Alto Networks Advanced Threat Prevention pricing and cost advice

"Vectra's licensing model could scale to our research network, which has multiple, 100-gigabit links."

"We are running at about 90,000 pounds per year. The solution is a licensed cost. The hardware that they gave us was pretty much next to nothing. It is the license that we're paying for."

"Vectra's pricing is too high. All schools will not be able to afford it. Vectra will only end up targeting higher education and higher value independence purely because of the price. A lot of schools would love to have a product like Vectra AI, but they simply can't because they struggle to even pay the high E5 licensing from Microsoft. When you're up against that, Vectra AI is never going to be within the sector's price range."

"The license is based on the concurrent IP addresses that it's investigating. We have 9,800 to 10,000 IP addresses."

"There are additional features that can be purchased in addition to the standard licensing fee, such as Cognito Recall and Stream."

"The upfront pricing model that we have would have been more beneficial if it had been a recurring license fee, but that wasn't a massive issue for us. It's fairly priced."

"Vectra AI is not a cheap solution."

"The pricing and licensing are quite straightforward because they're based on the IP licenses. As a result, they are easy to count."

More Vectra AI pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.

See recommendations

842,466 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

17%

Financial Services Firm

11%

Manufacturing Company

10%

Government

Financial Services Firm

13%

Computer Software Company

13%

Manufacturing Company

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?

Arbor would be the best bid, apart from Arbor, Palo Alto and Fortinet have good solutions. As this is an ISP, I would prefer Arbor.

What do you like most about Palo Alto Networks Threat Prevention?

It is a stable product.

What is your experience regarding pricing and costs for Palo Alto Networks Threat Prevention?

The pricing is competitive, and with current campaigns and discounts, it provides an excellent device for a reasonable price.

What is the biggest difference between Corelight and Vectra AI?

The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...

What do you like most about Vectra AI?

The solution is currently used as a central threat detection and response system.

What is your experience regarding pricing and costs for Vectra AI?

It is very acceptable when you compare it with Darktrace, for example.

Fortinet FortiGate IPS vs Palo Alto Networks Advanced Threat Prevention

Comparisons

Compared 16% of the time

Check Point IPS vs Palo Alto Networks Advanced Threat Prevention

Compared 12% of the time

Forcepoint Next Generation Firewall vs Palo Alto Networks Advanced Threat Prevention

Compared 12% of the time

Darktrace vs Palo Alto Networks Advanced Threat Prevention

Compared 10% of the time

Cisco Secure Network Analytics vs Palo Alto Networks Advanced Threat Prevention

Compared 4% of the time

More Palo Alto Networks Advanced Threat Prevention Competitors

Darktrace vs Vectra AI

Compared 33% of the time

ExtraHop Reveal(x) vs Vectra AI

Compared 11% of the time

Corelight vs Vectra AI

Compared 6% of the time

Cisco Secure Network Analytics vs Vectra AI

Compared 6% of the time

Trellix Network Detection and Response vs Vectra AI

Compared 2% of the time

More Vectra AI Competitors

Product Reports

Palo Alto Networks Advanced Threat Prevention

Download Palo Alto Networks Advanced Threat Prevention product report

Palo Alto Networks Advanced Threat Prevention report

Download Vectra AI product report

Also Known As

No data available

Vectra Networks, Vectra AI NDR

Overview

Palo Alto Networks Advanced Threat Prevention is a cloud-based security service that combines cutting-edge technologies, including machine learning, artificial intelligence, and expert human monitoring, to effectively thwart advanced threats like malware, zero-day attacks, and command-and-control threats. It offers inline protection, scrutinizing all network traffic irrespective of port, protocol, or encryption. An integral component of Palo Alto Networks' security platform, it enjoys widespread adoption across diverse organizations. With its robust security capabilities, it's an ideal choice for entities of all sizes, particularly those in high-risk sectors such as finance, healthcare, and government agencies, seeking to safeguard their networks from a broad spectrum of advanced threats.

Palo Alto Networks

Vectra AI is used for detecting network anomalies and potential malicious activities, providing visibility into network traffic and enhancing threat detection across environments.

Organizations deploy Vectra AI mainly on-premises with additional cloud components. It helps with compliance, incident response, security monitoring, detecting insider threats, and correlating network events. Vectra AI captures and enriches network metadata, provides detailed dashboards, reduces false positives, and supports cross-environment behavioral analysis to enhance threat detection and prioritization. While valued for its high accuracy and alert aggregation, it has room for improvement in UI/UX, packet management, and integration with SIEMs and other tools. It is noted for expensive pricing and limited proactive threat response features.

What are Vectra AI's most valuable features?

High accuracy in identifying threat locations
Aggregation of alerts into single incidents
24/7 threat detection
Visibility into the entire attack lifecycle
Risk score aggregation
Effective triaging of alerts
Integration with other tools

What benefits or ROI should users look for?

Enhanced threat detection and prioritization
Comprehensive network visibility
Reduction in false positives
Better incident response capabilities
Improved compliance monitoring

In specific industries, Vectra AI is deployed to monitor complex networks and alleviate challenges in threat detection. It is particularly effective in sectors requiring stringent compliance and security measures, offering insights and capabilities crucial for protecting sensitive data and maintaining operational integrity.

Sample Customers

University of Arkansas, JBG SMITH, SkiStar AB, TRI-AD, Temple University, Telkom Indonesia

Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association

Palo Alto Networks Advanced Threat Prevention vs. Vectra AI