Try our new research platform with insights from 80,000+ expert users

Palo Alto Networks Cortex XSOAR vs ThreatQ comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 5, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Palo Alto Networks Cortex X...
Ranking in Security Orchestration Automation and Response (SOAR)
2nd
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
46
Ranking in other categories
SOC as a Service (2nd)
ThreatQ
Ranking in Security Orchestration Automation and Response (SOAR)
23rd
Average Rating
7.0
Reviews Sentiment
6.6
Number of Reviews
2
Ranking in other categories
Threat Intelligence Platforms (16th)
 

Mindshare comparison

As of April 2025, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of Palo Alto Networks Cortex XSOAR is 11.0%, down from 12.9% compared to the previous year. The mindshare of ThreatQ is 1.0%, up from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

NikhilSharma2 - PeerSpot reviewer
Ability to multiple playbooks to fetch data from multiple firewalls and utomated several tasks, including vulnerability scans and SOCL (Security Orchestration, Automation
Recently, they started implementing microservices in XSOAR, which has improved quality and addressed previous issues. However, they should focus more on licensing costs. The user licensing fees are quite high. For example, I received a quote for XSOAR, and it was $12,000 per user per year. If you have a SOC team of 30 members/analysts, you're looking at a substantial expense. They should consider reducing these costs since this high pricing seems to be more about profit. So, there is room for improvement in the pricing. Moreover, the reporting and dashboard features are decent but could be improved. The user interface (UI) is quite heavy and takes time to load, which is a major drawback.
reviewer2384535 - PeerSpot reviewer
Improves the threat intelligence gathering process, but it is not user-friendly
The tool is not user-friendly. It is not beginner-friendly. It would be very difficult for a beginner to learn the tool. It will take at least two months to get familiar with it. Building the playbook is a little difficult for a beginner. The vendor must simplify the tool and make it user-friendly.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The repository of playbooks and the integration between Palo Alto and IBM QRadar are some useful features"
"The orchestration in XSOAR is significantly easier compared to other SOAR tools I've used."
"The most valuable features of Palo Alto Networks Cortex XSOAR are its overall track record and features that fit our use case."
"The automation is excellent."
"The most valuable features of Cortex XSOAR include its vast library of plugins, which allow us to integrate various tools and solutions seamlessly."
"The solution is very reliable."
"The most valuable features are the orchestration because of the way in which it coordinates the loss from all the devices and it provides us with a high-level overview of the critical log information."
"For organizations that are stable with their security operations, like those with around 50 members in their security team running full-phased operations 24/7, Cortex is necessary."
"The reporting services are great. With reporting services, if you have customers that just visit a URL you can see the result - including why it's blocked and how and how the URL was first recognized as malicious."
"Integrating the solution with our existing security tools and workflows was easy."
 

Cons

"It is been decommissioned by Palo Alto."
"They should provide integration with machine learning platforms."
"Its dashboard features need improvement."
"The configuration of the solution could improve it is difficult."
"XSOAR could have more integration options."
"The solution is very expensive."
"Previously, when Demisto was, there was a community edition; we could use it, reinstall it, and customize it. Since Palo Alto took over, it has become more financially oriented. It's business, but they could offer a pro model and a lighter model for different needs."
"There is room for improvement in support. The response time could be faster."
"The tool is not user-friendly."
"The solution should be simpler for the end-user in terms of reporting and navigating the product."
 

Pricing and Cost Advice

"The solution's cost is reasonable."
"The solution is a bit on the expensive side."
"Cortex XSOAR's price could be lower."
"It is approx $10,000 or $20,000 per year for two user licenses."
"My company did not make any payments towards the licensing costs attached to the product since we were only using its pilot version."
"There is a yearly license required for this solution and it is expensive."
"The solution's pricing needs improvement."
"The price of Palo Alto Networks Cortex XSOAR is expensive."
Information not available
report
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
848,716 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
13%
Manufacturing Company
9%
Government
9%
Financial Services Firm
19%
Educational Organization
13%
Computer Software Company
13%
Manufacturing Company
10%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Palo Alto Networks Cortex XSOAR?
Even though customers often comment on the price, the potential savings come from managing a large number of security events with a limited number of analysts. This leads to economic advantages des...
What needs improvement with Palo Alto Networks Cortex XSOAR?
The complexity of Cortex XSOAR has a trade-off with its versatility. The product can be tailored for each deployment to respond to specific customer needs, and this complexity may be seen as a down...
What do you like most about ThreatQ?
Integrating the solution with our existing security tools and workflows was easy.
What needs improvement with ThreatQ?
The tool is not user-friendly. It is not beginner-friendly. It would be very difficult for a beginner to learn the tool. It will take at least two months to get familiar with it. Building the playb...
What is your primary use case for ThreatQ?
We used the solution for threat mapping and managing IoCs.
 

Also Known As

Demisto Enterprise, Cortex XSOAR, Demisto
No data available
 

Overview

 

Sample Customers

Cellcom Israel, Blue Cross and Blue Shield of Kansas City, esri, Cylance, Flatiron Health, Veeva, ADT Cybersecurity
Radar, Bitdefender, Crowdstrike, FireEye, IBM Security
Find out what your peers are saying about Palo Alto Networks Cortex XSOAR vs. ThreatQ and other solutions. Updated: April 2025.
848,716 professionals have used our research since 2012.