Try our new research platform with insights from 80,000+ expert users

Palo Alto Networks Advanced Threat Prevention vs Vectra AI comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Palo Alto Networks Advanced...
Ranking in Intrusion Detection and Prevention Software (IDPS)
7th
Average Rating
8.6
Number of Reviews
25
Ranking in other categories
No ranking in other categories
Vectra AI
Ranking in Intrusion Detection and Prevention Software (IDPS)
2nd
Average Rating
8.6
Number of Reviews
42
Ranking in other categories
Network Detection and Response (NDR) (2nd), Extended Detection and Response (XDR) (9th), Identity Threat Detection and Response (ITDR) (5th), AI-Powered Cybersecurity Platforms (4th)
 

Mindshare comparison

As of November 2024, in the Intrusion Detection and Prevention Software (IDPS) category, the mindshare of Palo Alto Networks Advanced Threat Prevention is 7.5%, down from 8.4% compared to the previous year. The mindshare of Vectra AI is 11.4%, up from 9.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Intrusion Detection and Prevention Software (IDPS)
 

Featured Reviews

Carlos Bracamonte - PeerSpot reviewer
Mar 15, 2023
Robust, reliable, simple to install and good technical support
We are attempting to improve the use of URL filtering beyond threat protection. I'm not sure what the remaining threat protection features are off the top of my head. But beyond that, we use URL filtering. We have three approved cases for using external dynamic lists that are stored in a bucket repository. Then, for each URL site that needs to be whitelisted, we add it to the external dynamic list in order to gain access to this email. I would like Wildfire to be implemented. We use the equivalent in Cisco is the integration policies. We have the Wildfire but we are not currently implementing it. We don't have the license to use it, but we are not currently implementing it until we present the use cases that the company gives some value to and they approve the use of it.
Tony Whelton - PeerSpot reviewer
Mar 7, 2023
Integrates well with other security solutions and provides good technical support
The biggest feature for us, because we are heavy Microsoft users, is its integration with Office 365. On top of Vectra AI, we use all of the Microsoft security platforms, such as Defender ATP and Sentinel. Having full integration and a central platform to look at all of the threats that are coming through from the different platforms is a huge benefit for us. With one nice front dashboard, we can look at the high-volume threats rather than all of the noise. We do get a lot of noise as our students all own their own devices. With Vectra AI, we can look at threats in a controlled manner, which saves us an extraordinary amount of time. Even if I doubled the manpower, I doubt that I would still have the same visibility that I have with the correct security platform. Vectra AI's Threat Detection and Response platform has done remarkably well. We're well-versed in using the security dashboard from Microsoft Defender, and we're at the stage where we are checking both. We haven't fully switched to relying on only the Vectra dashboard yet. In terms of Vectra AI Attack Signal Intelligence for empowering security analysts within our organization, we have complete faith in the data that's coming through from Vectra. If we could also have what's happening at the front-end, that is, the firewall, then it would give us the complete security front dashboard.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"For those who want a next-gen firewall that's easy to configure and easy to operate, I think you should go for Palo Alto."
"It's very easy to use and configure. What is nice about Palo Alto is that even if you don't understand how to use it, you can just click on upload and upload everything that needs to be blocked."
"Palo Alto Networks Threat Prevention is the market leader as far as security gateways and endpoint protection. Additionally, the threat database that is used is one of the best."
"Everything has been okay with the solution. We are using all of the features."
"It's a monster, it's got so many beautiful features. We do deal with other firewalls and we've got a better idea of what other firewalls' capabilities are, any comparison with the Palo Alto I liked the quality of service on the applications that you can control the amount of bandwidth an application is allowed to consume. The best feature is the quality of the application quality of service."
"One of the most valuable features is the anti-malware protection."
"The application control and vulnerability protection are the most valuable features."
"We are currently using the URL filtering feature, which is the most popular."
"One of the core features is that Vectra AI triages threats and correlates them with compromised host devices. From a visibility perspective, we can better track the threat across the network. Instead of us potentially finding one device that has been impacted without Vectra AI, it will give us the visibility of everywhere that threat went. Therefore, visibility has increased for us."
"The fact that we get the visualization of what's happening on our network, which is a way of improving our security in-depth is most valuable."
"The solution is currently used as a central threat detection and response system."
"One of the most valuable features is all the correlation that it does using AI and machine learning. An example would be alerting on a host and then alerting on other things, like abnormal behavior, that it has noticed coming from the same host. It's valuable because we're a very lean team."
"One of the things that we didn't expect to happen was that our network team also jumped on it faster than we thought. In most cases, if it's a security tool that's working on the network part, they can also use it to find out certain flaws that have been in the system. Certain flaws, related to some legacy stuff, were already there for quite a few years, which they couldn't explain at first, but we could explain them based on the timing of certain things."
"The packet-capturing feature is very useful."
"Vectra AI generates relevant information."
"One of the key advantages for us is we define a 24/7 service around it. We use far more of Vectra alerts than we do with our SIEM product because we understand that when we get an alert from Vectra we actually need to do something about it."
 

Cons

"Right now we are focusing on email. If Palo Alto can increase the features related to email filtering and the new malware, it would help us protect our systems."
"The technology firewall anomaly network could stand improvement."
"In Africa, the technical support is probably not as good as in Europe and the USA because it's a specific premium support, partner-enabled premium support and all of that. But it's really good, I don't really have any complaints, it's fairly good. I'll give them 80%."
"Mission learning techniques should continue to expand and detect unknown threats on the fly."
"We are attempting to improve the use of URL filtering beyond threat protection."
"The documentation needs to be improved. I need better information about how to configure it and what the best practices are."
"The installation was complicated."
"The price of licenses should be lowered to make it less costly to scale our solution."
"What is most important for us is to have one place where we can manage a few brains because we are based on a zero-trust network. As a result, each customer needs to have a separate brain. For the SOC team, we need to have one place where the SOC analyst can go to visit the website and from that site manage all of the customers. Right now, Vectra AI doesn't have this capability, and I would really like to have this feature."
"For S&D account scans, it would be easier if Vectra AI could triage with users. If a client uses a lot of accounts, then it could indicate that these accounts are benign, for example. That would help a lot."
"There could be an option where Vectra manages the solution remotely, and when there is an attack, there could be a notification center to give us information about the attack."
"The solution needs to become more proactive. When Vectra AI is the primary solution in an environment - like it is in our case - you must work on response time. We have a small team so response time at endpoint level is vital."
"We had another product with Vectra AI and used the MDR solution as an add-on. Initially, it wasn't fully appropriately configured, so we didn't get the expected results. Even once configured correctly, we weren't fully satisfied with its response. The issue was both with their service response and the product's capabilities."
"We would like to see more information with the syslogs. The syslogs that they send to our SIEM are a bit short compared to what you can see. It would be helpful if they send us more data that we can incorporate into our SIEM, then can correlate with other events."
"The reporting from Cognito Detect is very limited and doesn't give you too many options. If I want to prepare a customized report on a particular host, even though I see the data, I have to manually prepare the report. The reporting features that are built into the tool are not very helpful."
"We have a lot of system solutions and integrations with system solutions. Vectra is a type of black box. It implements AI-informed detection mechanisms, but we cannot create system detections. I understand that the product is designed this way, but it would be great if we could create our own detections as well."
 

Pricing and Cost Advice

"The product’s pricing is expensive for small companies."
"It is an expensive solution and I would like to see a drop in price."
"Palo Alto Networks Threat Prevention could improve by having consistent pricing at system levels."
"The cost involves the price of the hardware, which is expensive. However, most of the Palo Alto solutions are expensive."
"If you want to have all of the good features then you have to pay extra for licensing."
"The pricing and the licensing are pretty competitive at this stage. As a reseller, I would like to see the price come down a little bit so I can compete better against other firewalls because we do that all the time."
"The price of the solution is higher than others on the market. A price reduction would be beneficial if it does not impact their database quality."
"Palo Alto Networks Advanced Threat Prevention is quite competitive, offering extensive threat detection and prevention capabilities, though it is priced higher than some alternatives."
"The pricing and licensing are quite straightforward because they're based on the IP licenses. As a result, they are easy to count."
"From a licensing perspective, the Vectra detect platform is pretty doable. Also, the hardware prices are nothing that we're not used to. The stream part is a little overpriced compared to the detect part. The reason is that you need to stream data to detect events anyway, so the data is in there. The only thing that's not available is the UI to be able to look at the stream data, which is also on the appliances but is just not activated. That's mainly the thing that we want to improve on."
"The pricing is high."
"The upfront pricing model that we have would have been more beneficial if it had been a recurring license fee, but that wasn't a massive issue for us. It's fairly priced."
"There are additional features that can be purchased in addition to the standard licensing fee, such as Cognito Recall and Stream."
"It's relatively on the pricier side, but when compared to other solutions. It's not the most budget-friendly option, but it can be considered somewhat more cost-effective in comparison to other alternatives."
"The licensing is on an annual basis."
"Vectra AI's pricing is cheaper than that of Darktrace."
report
Use our free recommendation engine to learn which Intrusion Detection and Prevention Software (IDPS) solutions are best for your needs.
814,763 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
17%
Financial Services Firm
11%
Manufacturing Company
10%
University
7%
Computer Software Company
17%
Financial Services Firm
12%
Manufacturing Company
7%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is the best DDoS protection solution for a big ISP for monitoring and mitigating?
Arbor would be the best bid, apart from Arbor, Palo Alto and Fortinet have good solutions. As this is an ISP, I would prefer Arbor.
What is your experience regarding pricing and costs for Palo Alto Networks Threat Prevention?
Palo Alto Networks Advanced Threat Prevention is quite competitive, offering extensive threat detection and prevention capabilities, though it is priced higher than some alternatives. I would rate ...
What is the biggest difference between Corelight and Vectra AI?
The two platforms take a fundamentally different approach to NDR. Corelight is limited to use cases that require the eventual forwarding of events and parsed data logs to a security team’s SIEM or ...
What do you like most about Vectra AI?
The solution is currently used as a central threat detection and response system.
 

Also Known As

No data available
Vectra Networks, Vectra AI NDR
 

Overview

 

Sample Customers

University of Arkansas, JBG SMITH, SkiStar AB, TRI-AD, Temple University, Telkom Indonesia
Tribune Media Group, Barry University, Aruba Networks, Good Technology, Riverbed, Santa Clara University, Securities Exchange, Tri-State Generation and Transmission Association
Find out what your peers are saying about Palo Alto Networks Advanced Threat Prevention vs. Vectra AI and other solutions. Updated: October 2024.
814,763 professionals have used our research since 2012.