Try our new research platform with insights from 80,000+ expert users

Palo Alto Networks Cortex XSOAR vs Tanium comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Palo Alto Networks Cortex X...
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
46
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (2nd), SOC as a Service (2nd)
Tanium
Average Rating
7.4
Reviews Sentiment
6.5
Number of Reviews
16
Ranking in other categories
Server Monitoring (10th), Vulnerability Management (22nd), Endpoint Protection Platform (EPP) (37th), Endpoint Detection and Response (EDR) (26th)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Palo Alto Networks Cortex XSOAR is designed for Security Orchestration Automation and Response (SOAR) and holds a mindshare of 11.0%, down 12.9% compared to last year.
Tanium, on the other hand, focuses on Endpoint Protection Platform (EPP), holds 2.5% mindshare, up 2.0% since last year.
Security Orchestration Automation and Response (SOAR)
Endpoint Protection Platform (EPP)
 

Featured Reviews

NikhilSharma2 - PeerSpot reviewer
Ability to multiple playbooks to fetch data from multiple firewalls and utomated several tasks, including vulnerability scans and SOCL (Security Orchestration, Automation
Recently, they started implementing microservices in XSOAR, which has improved quality and addressed previous issues. However, they should focus more on licensing costs. The user licensing fees are quite high. For example, I received a quote for XSOAR, and it was $12,000 per user per year. If you have a SOC team of 30 members/analysts, you're looking at a substantial expense. They should consider reducing these costs since this high pricing seems to be more about profit. So, there is room for improvement in the pricing. Moreover, the reporting and dashboard features are decent but could be improved. The user interface (UI) is quite heavy and takes time to load, which is a major drawback.
Mo Vermeiren - PeerSpot reviewer
Is able to make several campaigns work in parallel, but the user interface needs improvement
It's mainly used by the cybersecurity team for Windows patching and deployment of some software solutions I like the fact that you can create patching campaigns depending on the area of your network that you want to address first. I like the ability it has to make several campaigns that work in…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is its capability to automate responses and collect information for any security event before you even delve into the details. It's a vast product with an active roadmap, so I'm satisfied with it for now. It's very efficient at data collection and correlation."
"The automation is excellent."
"It is a scalable solution."
"The product’s stability is good."
"It was useful as a ticketing tool."
"The solution provides threat intelligence with EDR."
"For organizations that are stable with their security operations, like those with around 50 members in their security team running full-phased operations 24/7, Cortex is necessary."
"The product is quite easy to use."
"For incident response tasks, all these tasks can get done in minutes with minimal disruption to the end-user."
"Tanium's most valuable features are patch management, inventory, and distribution software."
"Tanium’s linear-chain architecture is valuable."
"The most valuable features of this solution are the consolidation of all historical data on device endpoints, security drivers, firmware, and Software version gaps."
"When I push a quick update, it's done right away, and I can rescan immediately to confirm completion within minutes."
"When I push a quick update, it's done right away, and I can rescan immediately to confirm completion within minutes."
"The interrogation piece was the most valuable feature because it was very detailed."
"The security features are very valuable."
 

Cons

"I would like to see Cortex become less dependent on Active Directory and group policies to manage the deployment. Maybe I need to update my understanding of how to deploy it, but that's the way I know how to use it."
"I think they should increase their collaboration base."
"XSOAR could have more integration options."
"Implementing this solution requires a lot of involvement from the vendor and it should be made easier for the partners."
"The solution's technical support could be better."
"Its dashboard features need improvement."
"It doesn't offer automatic internet reports out of the box."
"The solution's correlation rules and playbooks should be improved."
"The solution lacks mobility."
"When working with Tanium, there are some older devices that haven't been patched for a long time, and certain patches are not included in Tanium. I have to search outside to download patches, create bundles, and then perform the task."
"Tanium's limitations should be improved because although it is a great tool, it is limited to only a few classes during a session."
"The solution needs to improve the reporting and tracking capabilities."
"Tanium’s scalability could be improved."
"The reporting could be improved."
"Most of the time, agent-relative issues have to be more equipped with self-healing features. At times, the agent is there, but for some reason, it doesn't report a status. It gives certain problems that are obviously agent-based."
"They could improve the UI."
 

Pricing and Cost Advice

"The price of Palo Alto Networks Cortex XSOAR is expensive."
"The solution is a bit on the expensive side."
"Cortex XSOAR's price could be lower."
"The solution's cost is high."
"The price of Palo Alto Networks Cortex XSOAR is comparable to other solutions in the market."
"On a scale of one to ten, where one is a low price, and ten is a high price, I rate the pricing a nine."
"The solution's pricing needs improvement."
"Palo Alto offers significant discounts to customers who purchase the products repeatedly."
"The solution is expensive but it's a good investment."
"It is higher than some competitors in the market."
"It's an expensive solution. It would be nice if the cost were lower."
"The product's pricing differs from region to region depending on negotiations and the number of endpoints."
"The solution offers value for money."
"Tanium is a more expensive solution in Latin America than some of the competitors, such as BigFix."
"There is an annual license required to use this solution."
report
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
844,944 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
12%
Manufacturing Company
9%
Government
9%
Financial Services Firm
17%
Government
13%
Computer Software Company
10%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for Palo Alto Networks Cortex XSOAR?
Even though customers often comment on the price, the potential savings come from managing a large number of security events with a limited number of analysts. This leads to economic advantages des...
What needs improvement with Palo Alto Networks Cortex XSOAR?
The complexity of Cortex XSOAR has a trade-off with its versatility. The product can be tailored for each deployment to respond to specific customer needs, and this complexity may be seen as a down...
What do you like most about Tanium?
Tanium’s linear-chain architecture is valuable.
What needs improvement with Tanium?
When working with Tanium, there are some older devices that haven't been patched for a long time, and certain patches are not included in Tanium. I have to search outside to download patches, creat...
What is your primary use case for Tanium?
We primarily use Tanium for patching, focusing on vulnerabilities. Our major goal with Tanium is to patch based on vulnerabilities detected by our other vulnerability tools.
 

Also Known As

Demisto Enterprise, Cortex XSOAR, Demisto
No data available
 

Overview

 

Sample Customers

Cellcom Israel, Blue Cross and Blue Shield of Kansas City, esri, Cylance, Flatiron Health, Veeva, ADT Cybersecurity
JPMorgan Chase, eBay, Amazon, US Bank, MetLife, pwc, Cerner, Delphi, MGM Grand, New York Life
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR). Updated: March 2025.
844,944 professionals have used our research since 2012.