Try our new research platform with insights from 80,000+ expert users

Palo Alto Networks Cortex XSOAR vs ThreatQ comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 5, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Palo Alto Networks Cortex X...
Ranking in Security Orchestration Automation and Response (SOAR)
2nd
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
46
Ranking in other categories
SOC as a Service (2nd)
ThreatQ
Ranking in Security Orchestration Automation and Response (SOAR)
23rd
Average Rating
7.0
Reviews Sentiment
6.6
Number of Reviews
2
Ranking in other categories
Threat Intelligence Platforms (16th)
 

Mindshare comparison

As of March 2025, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of Palo Alto Networks Cortex XSOAR is 11.1%, down from 13.0% compared to the previous year. The mindshare of ThreatQ is 0.9%, up from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

NikhilSharma2 - PeerSpot reviewer
Ability to multiple playbooks to fetch data from multiple firewalls and utomated several tasks, including vulnerability scans and SOCL (Security Orchestration, Automation
Recently, they started implementing microservices in XSOAR, which has improved quality and addressed previous issues. However, they should focus more on licensing costs. The user licensing fees are quite high. For example, I received a quote for XSOAR, and it was $12,000 per user per year. If you have a SOC team of 30 members/analysts, you're looking at a substantial expense. They should consider reducing these costs since this high pricing seems to be more about profit. So, there is room for improvement in the pricing. Moreover, the reporting and dashboard features are decent but could be improved. The user interface (UI) is quite heavy and takes time to load, which is a major drawback.
reviewer2384535 - PeerSpot reviewer
Improves the threat intelligence gathering process, but it is not user-friendly
The tool is not user-friendly. It is not beginner-friendly. It would be very difficult for a beginner to learn the tool. It will take at least two months to get familiar with it. Building the playbook is a little difficult for a beginner. The vendor must simplify the tool and make it user-friendly.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The Palo Alto ecosystem has a marketplace offering integration with Sentinel or other products."
"The solution is user-friendly and easy to configure."
"The strengths of Palo Alto Networks Cortex XSOAR stem from the fact that it provides functionalities related to patching and URL blocking...It is a scalable solution."
"I am satisfied with the product overall."
"The automation part and the playbook creation part are awesome. The way it is responding to the customers and incidents is also very good. In the SOC environment, I guess it will carry out around 50% of the work."
"I would rate the stability of Cortex XSOAR as nine out of ten."
"Each incident collected is orchestrated with automation that selects the security analyst to be involved, or provides complex execution plans for managing security incidents."
"The most valuable features are simplicity and ease of integration."
"Integrating the solution with our existing security tools and workflows was easy."
"The reporting services are great. With reporting services, if you have customers that just visit a URL you can see the result - including why it's blocked and how and how the URL was first recognized as malicious."
 

Cons

"The formats are not compatible, are readily not available, and are not readable."
"It is been decommissioned by Palo Alto."
"XSOAR could have more integration options."
"When Palo Alto bought the solution, the pricing increased by 1.5 times. There's been a 50% increase, which is a lot."
"Palo Alto needs to develop more AI-centric products."
"There is room for improvement in terms of the pricing model."
"The product can be tailored for each deployment to respond to specific customer needs, and this complexity may be seen as a downside."
"There should be an on-premise version available for customers to have different choices."
"The tool is not user-friendly."
"The solution should be simpler for the end-user in terms of reporting and navigating the product."
 

Pricing and Cost Advice

"It is expensive."
"The pricing is fair. The pricing reflects the value and feature set it offers."
"When I first looked at Demisto, it had a price tag of $250,000 but when we finally purchased it, it was $345,000."
"The solution's cost is high."
"It is approx $10,000 or $20,000 per year for two user licenses."
"There is a perception that it is priced very high compared to other solutions."
"The solution's pricing needs improvement."
"The solution's cost is reasonable."
Information not available
report
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
842,690 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
12%
Manufacturing Company
9%
Government
9%
Financial Services Firm
19%
Educational Organization
13%
Computer Software Company
12%
Manufacturing Company
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Palo Alto Networks Cortex XSOAR?
Even though customers often comment on the price, the potential savings come from managing a large number of security events with a limited number of analysts. This leads to economic advantages des...
What needs improvement with Palo Alto Networks Cortex XSOAR?
The complexity of Cortex XSOAR has a trade-off with its versatility. The product can be tailored for each deployment to respond to specific customer needs, and this complexity may be seen as a down...
What do you like most about ThreatQ?
Integrating the solution with our existing security tools and workflows was easy.
What needs improvement with ThreatQ?
The tool is not user-friendly. It is not beginner-friendly. It would be very difficult for a beginner to learn the tool. It will take at least two months to get familiar with it. Building the playb...
What is your primary use case for ThreatQ?
We used the solution for threat mapping and managing IoCs.
 

Also Known As

Demisto Enterprise, Cortex XSOAR, Demisto
No data available
 

Overview

 

Sample Customers

Cellcom Israel, Blue Cross and Blue Shield of Kansas City, esri, Cylance, Flatiron Health, Veeva, ADT Cybersecurity
Radar, Bitdefender, Crowdstrike, FireEye, IBM Security
Find out what your peers are saying about Palo Alto Networks Cortex XSOAR vs. ThreatQ and other solutions. Updated: March 2025.
842,690 professionals have used our research since 2012.