Cortex XDR by Palo Alto Networks Reviews

Cortex XDR mainly focuses on endpoint protection. Unlike other antivirus products, it is way more advanced. It allows you to manage your endpoints and includes advanced threat analytics and behavioral analytics. For example, it offers a behavioral analysis, the main purpose of which is to identify suspicious activity.

If any application performs suspicious activities, such as changing registries or modifying other applications, Cortex XDR detects and blocks the entire application. This ensures that unauthorized actions are prevented.

Another feature of Cortex XDR is its ability to mitigate ransomware issues. It creates duplicate files on the endpoint, and if any ransomware attempts to access these files, it detects and identifies the ransomware attack. Cortex XDR offers many such advanced features in its cloud platform.

Product might have some bugs. But these will be fixed in the next version. They'll try to work on that and fix those issues. They won't let it go easily.

I've been implementing and supporting this product for one year.

The end users are around thousands.

I am from the support team. I fix things. If customers have any issues with the product, they call me. That's the role of my job. I am from the partner side.

The deployment and setup process is handled by a different team. So I have never deployed Cortex, but I know the steps. It is not easy, but at the same time, it is not very complicated.

It's cloud-based. You don't have to set up a server; it's all on the cloud. You have to set up your tenant on their dedicated server once you subscribe to the product.

Price-wise, Cortex XDR is quite expensive compared to regular endpoints. It is a bit more expensive than other products, but it's worth the money.

Cortex is a good product. But like every other product, it has some flaws. Not every product is ideal. Every product has its flaws. So when compared with other products, Cortex is one of the good products. I would suggest you take the product because it is really one of the good products, but it has some flaws.

So, I would rate it an eight out of ten. 

I used the solution for investigating incidents and malware analysis.

The solution allows us to gain remote access without the user's knowledge and take the necessary actions on the device. For investigation, we can just drop down and easily elaborate on the issues, like where the user went and what they downloaded. We can use the solution to find out everything easily.

It takes time to scan the servers and devices. Scanning the server sometimes takes two to three days. If the device is offline, the scan gets disconnected.

I have been using Cortex XDR by Palo Alto Networks for one and a half years.

Cortex XDR by Palo Alto Networks is a stable solution.

Around seven people used the solution in our organization.

Cortex XDR by Palo Alto Networks is quite an expensive solution.

I use the solution for investigation, which includes incident handling and incident alerts. There is a separate part in Cortex XDR where we can use timestamps to categorize the alert or attack type. Based on the attack criticality, we can investigate and fine-tune a lot of things. In Cortex XDR, we can get the same alert at different times. We can fine-tune using the Cortex XDR tool.

Also, we can use queries in Cortex XDR for automation, accessing the device, or scanning the device. The query part is good, but we need to spend a little time learning about the query. It's easy to understand the query.

There is a template that you can use to click and say something. If you are going to investigate, many tabs are given based on the tactics, techniques, and procedures. It is easy to understand, and we can gather basic information from there. It is easy for a new user to learn to use the solution for the first time.

Overall, I rate the solution ten out of ten.

We use the product as a detection and response application.

The product's most valuable features are massive user and feature intelligence exploit detection. It is very useful in detecting threats to databases. The last meter statistics prove the efficient capabilities of the solution.

It is an enterprise-level solution. Its price could be less expensive.

We have been using Cortex XDR by Palo Alto Networks for three years.

The product is 100% stable. I have never received any complaints from the customers.

Cortex XDR by Palo Alto Networks is easily scalable as it is a cloud-based product.

We provide support services for our customers. Palo Alto's support services are expensive, and customers also encounter language barriers.

The initial process is simple. It requires training of about three to four days to understand the installation process. It is deployed on the cloud. The number of software engineers required depends on the number of the endpoints.

We pay in advance for the product's license. It has reasonable pricing for the use cases it provides to the company. We can split this payment monthly, quarterly, or yearly, according to the customer's requirements. For a cost-benefit analysis when choosing a security solution, consider factors such as the number of attacks prevented, the impact of those attacks, potential losses, and other hidden costs.

I rate Cortex XDR by Palo Alto Networks for ten out of ten. It could be improved from a commercial perspective. It could approach the SMB market as well.

We use Cortex XDR by Palo Alto Networks for endpoint security. It scans for unwanted and malicious activity on endpoints and servers, creating alerts and incidents.

The most valuable features are incident creation, policy-based protection, IP whitelisting, and device encryption. These are beneficial for endpoint and server security.

There's room for improvement with Mac device installations, which can be challenging.

I have been using the tool for two years. 

About 20 people in our company use Cortex XDR by Palo Alto Networks across the country.

We've had some issues isolating endpoints and have sought support from Palo Alto for that.

The cost depends on your chosen license type, like Pro or other licenses.

I'd recommend using Cortex XDR by Palo Alto Networks for security purposes. It's good at detecting malware and is a better strategy than other antivirus solutions. I rate the overall solution a seven out of ten. 

The primary use case is mainly endpoint protection.

Previously, we had to install endpoint protection per machine and then scan and update. If there were any possible threats, then you would have to go manually to the machine and scan. Cortex XDR basically does that centrally and predictably.

We get notified, and if need be, we'll investigate an endpoint. For the most part, we haven't had to do a whole lot of that because most of the time, it just stops the threat before it even becomes one. So, we have more time to do day-to-day work rather than spend time chasing those endpoints.

I like the centralized console and the predictive analysis it does of malware.

It is very stable and also scalable.

It is easy to deploy and update. It does not require a lot of maintenance.

It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue. So, making exceptions would be easier and would probably be better for logging.

It would be nice if it were easier to use and if there were some free training hours.

As for additional features, I would suggest having mobile access to the console, perhaps through a mobile app for the console.

I've been using it for about three years now.

The stability is great. I think they set the standard for SDR solutions at the moment.

It's very scalable. We have it on Macs, Windows, Windows servers, and multiple flavors of Linux.

We have about 460 endpoints deployed. As far as technical users, we have a team of about 10, and that's mixed between server admins and their subsupport users.

The usage is extensive, and we've recently deployed it everywhere. We do plan on probably increasing usage because we have current consultants who use the product in order to access our systems.

I wish there could have been more live contact with technical support rather than updated tickets and possible notifications via email. When I've had live encounters, it's been amazing. Sometimes, I think they could be a little bit more responsive live wise, but for the most part, it's been good.

We previously used Sophos, and it was okay. The only thing I liked about Sophos was that it was easier to deploy to the desktop, but with Cortex XDR, once you have it already deployed, updating it is easy.

We needed something that was going to work with Macs and Linux, different products. Also, we needed something that would be more predictive versus relying on definition files that are publicly available. You don't want to be in a zero-day attack. With Cortex XDR, it's one of those where you can download any virus. It's just not going to run on your machine. Most malware products rely on a database to tell you that there's a virus file.

Sometimes, there are false positives. If it's a legit file or application that an end user is trying to download and use on their machine, it won't allow that. With Cortex XDR, however, they can download the file. It's just going to be rendered useless until you enable it and make an exception for it. It can run what identifies it and just sends you a notification saying that it's a malicious file and that it's there. It's not going to do anything to the system. That was a huge selling factor with Cortex XDR.

The initial setup is pretty straightforward. It took a couple of hours and was pretty easy to deploy.

Once it's deployed in your system, you can push updates yourself. In the case of Macs, when you get new releases you sometimes have to tweak it and then push it out manually to end users. One admin could dedicate a couple of hours a week at best because there's not much maintenance.

Palo Alto got on the phone with us and walked us through it. They were very helpful.

It's about $55 per license on a yearly basis.

Learn the product because once you deploy it and a lot of people look at it from an endpoint perspective, they get the endpoint protection instantly. However, there are other things that you need to learn more about. Once you deploy Cortex XDR, you get a subscription to a data lake, which helps you retain logs. We have Palo Alto firewalls and later on learned that we can also integrate our firewalls and get the logs.

You have a limited amount of space for log retention, but things like that are important in cases where you need to have PCI compliance or have a company policy of retaining a certain amount of logs.

So, learn all the features and ask questions, and perhaps if it's going to be something that you're going to use as an investment for your company, take a training class.

On a scale from one to ten, I would rate Cortex XDR at nine.

We use Cortex XDR as part of our security solution.

its a very good solution and single solution for entire infrastructure, give us good co-relation of incident. Single solution for Network, Endpoint, Servers. 

The most valuable for us is the correlation feature. You are able to correlate data that is coming from the firewall, network, server, and endpoints. This is one of our main requirements and makes for a good product.

It works with the data lake in an agent-based or agentless manner.

It is easy to integrate most with network devices, including firewalls, and Active Directory. We use firewalls from different vendors including Palo Alto and Check Point, and it supports them.

There are some third-party solutions that are difficult to integrate with, which is something that can be improved.

We have not experienced any issues with respect to stability at this point.

Scalability has not been a problem.

We have been in contact with technical support and are satisfied with them.

Positive

its a Straightforward

We have an in-house team for deployment and maintenance.

It replace multiple solution and due to this it will reduce the Administrative effort.

I have run a PoC with both CrowdStrike and Cortex XDR, and from my observation, I felt that Cortex was much better at meeting our requirements. It is also easier to use.

CrowdStrike was difficult when it came to integrating with other products and it does not work on mobile devices.

My advice for anybody who is considering Cortex XDR is that it is a complete solution, and has very good features. From my experience, it is one of the better ones in the market. That said, no product is 100%.

I would rate this solution a nine out of ten.

This solution is a next-generation antivirus with more advanced capability and security. We have a partnership with Palo Alto.

Cortex XDR is very easy to deploy and has great threat detection capabilities and good internal threat intelligence.

It uses advanced AI analytics, behavior analytics, and custom-made detection to detect advanced threats before they occur.

If a customer says it's expensive- let's say I will say no it is not. Other values are added then it is more reasonable having strong features.

With a click, I can access the system and isolate it from other networks, and then go into a further forensic investigation of the current threat without compromising anything else.

Its stitches with external logs are perfect and enhanced.

1. Disk Encryption capability.

2. User group-wise admin role. They have module-wise roles but a user group-wise role is not available.

We've been supplying this solution to customers for two years. 

I have found this solution as NG AV is most stable compare with other solution

The scalability is perfect.

The initial setup is very easy.

We implemented the solution with a vendor team, HTH Global Network. Their expertise is an eight out of ten.

I recommend this solution, it works well and I rate it a nine out of ten.

We are using Cortex XDR by Palo Alto Networks for all of our remote users because they are not connected to our on-premise data center.

The most valuable feature of Cortex XDR by Palo Alto Networks is the low consumption of system resources. The solution uses a lot of AI and machine learning.

Cortex XDR by Palo Alto Networks could improve by offering remote management. It would be useful to look at the client's issue to fix it.

I have been using Cortex XDR by Palo Alto Networks for approximately two years.

Cortex XDR by Palo Alto Networks is stable.

Cortex XDR by Palo Alto Networks is scalable. add license and add many clients.

We have approximately 300 users using this solution in my company.

I have not had an issue to need the support.

We have previously used antivirus solutions. We decided to use Cortex XDR by Palo Alto Networks because of its flexibility.

The initial setup of Cortex XDR by Palo Alto Networks is straightforward because it is in the cloud. The whole deployment took approximately one day.

I rate the setup of Cortex XDR by Palo Alto Networks a four out of five.

We used the vendor to do the implementation of the solution.

After the deployment of this solution, there is no need for maintenance.

I recommend this solution to others because it is easy to manage, reliable, and overall good to use.

I rate Cortex XDR by Palo Alto Networks an eight out of ten.