I am a tech support engineer or an endpoint security engineer who works with Cortex XDR's team itself, looking after all the support cases related to our technical stuff, specifically malware cases.
Sr. Endpoint Security Engineer at a tech services company with 1,001-5,000 employees
Easy-to-use and easy-to-install
Pros and Cons
- "The tool is easy to use."
- "When it comes to malware files, it should be a little quick because, at times, it would give a wrong result in the sense of what it might be on malware, even if it still might be a normal one."
What is most valuable?
The most valuable feature of the solution is Broker VM, which is the best functionality, as I haven't found such a feature in any other product I have worked on till now.
What needs improvement?
Some feature requests are coming up from the customers. I feel like there should be a quick improvement. There is a little gap in implementing the tool's features as the team needs to do an investigation, which would take more time than expected, leaving the customers frustrated. The product team's investigation to decide on the features to be introduced in the solution should be a little quick. When it comes to malware files, it should be a little quick because, at times, it would give a wrong result in the sense of what it might be on malware, even if it still might be a normal one. At that point in time, we need to change the tool's version, and it generally needs to be changed from our end with Java and Jira. Maybe it should be a little improved in that case.
For how long have I used the solution?
I have been using Cortex XDR by Palo Alto Networks for two years. I am an endpoint security engineer for Cortex XDR's team. I worked with a client company as a foreign technical support engineer.
Buyer's Guide
Cortex XDR by Palo Alto Networks
March 2026
Learn what your peers think about Cortex XDR by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: March 2026.
883,760 professionals have used our research since 2012.
What do I think about the stability of the solution?
So far, I haven't found any stability issues in the tool. Right now, I am on post-maternity leave, so I left the company six or seven months ago. To date, I haven't found any stability issues with the tool. Stability-wise, I rate the solution an eight and a half out of ten.
The tool is not used in my organization because I work within the tool's XDR team related to Palo Alto. I don't have an exact count of the users because we have different customers on a larger scale.
What do I think about the scalability of the solution?
It is a scalable solution. Scalability-wise, I rate the solution a nine out of ten.
How are customer service and support?
I am not required to contact the solution's technical support since I handle the customers' tickets.
How was the initial setup?
My company was involved in mass deployment. I am not involved in the deployment stuff because we work as a break-and-fix team. We generally don't go ahead with a mass deployment. For individual deployment, it is a quick and easy-to-install tool. Cortex XDR by Palo Alto Networks is not like every other antivirus product, and I think it is an easy-to-install tool. There is a team for the tool to help you out, but certain pre-requirements need to be filled. If all the pre-requirements are met, there will be no issue with the installation.
What's my experience with pricing, setup cost, and licensing?
I am not sure about the tool's pricing because we are not from the accounts team. The tool's pricing is managed by the accounts department.
What other advice do I have?
I recommend the tool as it is an emerging or upcoming product with a set of features. My recommendation of the tool surely depends upon the scale of the business.
The tool is easy to use. We even have an accounts team where they can help you from scratch. We have a tech support team who would definitely suggest it to you over the session, so nothing as such is required as they will definitely help the users with the tool.
I rate the tool an eight and a half or nine out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Senior Consultant Cybersecurity at a consultancy with 10,001+ employees
An antivirus that provides EDR and XDR, but it is expensive
Pros and Cons
- "The solution's most valuable feature is the user interface."
- "The solution lags in real-time scenarios here and there."
What is our primary use case?
Cortex XDR by Palo Alto Networks is an antivirus tool that provides EDR and XDR.
What is most valuable?
The solution's most valuable feature is the user interface. I've used other solutions like Cylance and CrowdStrike, but Cortex XDR stands out from all the products. It has also moved to XSIAM. Cortex XDR introduced it long ago, while other tools are implementing it now.
What needs improvement?
The solution lags in real-time scenarios here and there.
For how long have I used the solution?
I have been using Cortex XDR by Palo Alto Networks for five years.
What do I think about the stability of the solution?
The solution would have bugs, but we get support 24/7 to deal with them.
What do I think about the scalability of the solution?
Cortex XDR by Palo Alto Networks is a scalable solution.
How was the initial setup?
The solution’s initial setup is easy.
What's my experience with pricing, setup cost, and licensing?
Cortex XDR by Palo Alto Networks is an expensive solution.
What other advice do I have?
Cortex XDR by Palo Alto Networks is a cloud-based solution. I would recommend the solution to other users if they can afford it. Cortex XDR by Palo Alto Networks is worth the money. It is easy for a beginner to learn to use the solution for the first time.
Overall, I rate the solution a seven out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Cash Management Officer at a retailer with 1,001-5,000 employees
Lightweight, helpful technical support, and user-friendly
Pros and Cons
- "The solution's most valuable feature is its ability to rapidly detect certain hardware files."
- "Currently, we are monitoring all USB drives and ports but we would like to improve our device control capabilities."
What is our primary use case?
Cortex XDR by Palo Alto Networks is the antivirus solution we use for Androids.
What is most valuable?
The solution's most valuable feature is its ability to rapidly detect certain hardware files.
All other features of Cortex XDR by Palo Alto Networks are fine.
What needs improvement?
We have implemented a product that blocks USB usage and also provides device control for our company.
Currently, we are monitoring all USB drives and ports but we would like to improve our device control capabilities.
Although we are using this feature, we allow specific systems and USB devices. For example, we enable certain users to use external hard drives but we may disable them if necessary. However, due to the nature of our organization, we do not have a dedicated department for this task.
For how long have I used the solution?
I have been working with Cortex XDR by Palo Alto Networks for approximately seven years.
We are working with the most recent version.
What do I think about the stability of the solution?
The stability of Cortex XDR by Palo Alto Networks is a nine out of ten.
What do I think about the scalability of the solution?
I would rate the scalability of Cortex XDR by Palo Alto Networks a ten out of ten.
In our organization, we have 2,700 licenses. Our users are mostly IT specialists.
Our organization is using the Cortex system across all platforms, including servers running Linux, Mac, and Windows operating systems.
Maintenance is done by the vendor.
How are customer service and support?
Technical support is good.
We have also used them for Palo Alto Firewalls.
We do not have any issues with support; I would rate them a nine out of ten.
Which solution did I use previously and why did I switch?
Previously, approximately one year ago, we used Kaspersky.
We are currently using both Kaspersky and Cortex XDR by Palo Alto Networks.
How was the initial setup?
The installation process is straightforward, and the software itself is lightweight.
What about the implementation team?
The installation process takes less than a minute.
What's my experience with pricing, setup cost, and licensing?
Our license will require renewal in August, after which the maintenance will continue as usual.
I am not aware of the fees; they are handled by our financial department.
What other advice do I have?
I would recommend this solution to others who are interested in using it.
I would rate Cortex XDR by Palo Alto Networks nine out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Network Security Engineer at a tech services company with 10,001+ employees
Ability to mitigate ransomware issues and includes advanced threat analytics and behavioral analytics
Pros and Cons
- "If any application performs suspicious activities, such as changing registries or modifying other applications, Cortex XDR detects and blocks the entire application."
- "Product might have some bugs."
What is our primary use case?
Cortex XDR mainly focuses on endpoint protection. Unlike other antivirus products, it is way more advanced. It allows you to manage your endpoints and includes advanced threat analytics and behavioral analytics. For example, it offers a behavioral analysis, the main purpose of which is to identify suspicious activity.
If any application performs suspicious activities, such as changing registries or modifying other applications, Cortex XDR detects and blocks the entire application. This ensures that unauthorized actions are prevented.
Another feature of Cortex XDR is its ability to mitigate ransomware issues. It creates duplicate files on the endpoint, and if any ransomware attempts to access these files, it detects and identifies the ransomware attack. Cortex XDR offers many such advanced features in its cloud platform.
What needs improvement?
Product might have some bugs. But these will be fixed in the next version. They'll try to work on that and fix those issues. They won't let it go easily.
For how long have I used the solution?
I've been implementing and supporting this product for one year.
What do I think about the scalability of the solution?
The end users are around thousands.
How are customer service and support?
I am from the support team. I fix things. If customers have any issues with the product, they call me. That's the role of my job. I am from the partner side.
How was the initial setup?
The deployment and setup process is handled by a different team. So I have never deployed Cortex, but I know the steps. It is not easy, but at the same time, it is not very complicated.
It's cloud-based. You don't have to set up a server; it's all on the cloud. You have to set up your tenant on their dedicated server once you subscribe to the product.
What's my experience with pricing, setup cost, and licensing?
Price-wise, Cortex XDR is quite expensive compared to regular endpoints. It is a bit more expensive than other products, but it's worth the money.
What other advice do I have?
Cortex is a good product. But like every other product, it has some flaws. Not every product is ideal. Every product has its flaws. So when compared with other products, Cortex is one of the good products. I would suggest you take the product because it is really one of the good products, but it has some flaws.
So, I would rate it an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer. Customer/Partner
Information Security Manager at a financial services firm with 1,001-5,000 employees
Numerous available AI modules and very effective communication methods
Pros and Cons
- "The solution is a new generation XDR that has a lot of artificial intelligence modules."
- "The server sometimes stops continuously to check things so it would be helpful to receive access updates or technical reasons."
What is our primary use case?
Our company uses the solution to detect behaviors and provide difficulty remediation for malware. The solution acts like a terminal that allows for the renewal of malware directly from the terminal in any meeting room.
We also have an IOP configuration that allows us to compare our own indicators and compromise rules. This is very efficient because anytime there is an IAP release on the web page, we can update or create a repository of different notification alerts.
What is most valuable?
The solution is a new generation XDR that has a lot of artificial intelligence modules.
The solution's communication methods are very effective.
Configuring or eradicating terminals is easy.
What needs improvement?
The server sometimes stops continuously to check things so it would be helpful to receive access updates or technical reasons.
For how long have I used the solution?
I have been using the solution for 18 months.
How are customer service and support?
Technical support was very responsive. You can present a critical configuration issue and they provide a solution as quickly as possible.
The Linux agent was a little bit sketchy on our side but we got good support.
How was the initial setup?
The setup is very straightforward.
What about the implementation team?
We implemented the solution in-house and worked with one telecom rep for network permissions.
Two of our cybersecurity engineers deployed to 4,000 endpoints in two months. We had a little bit of an issue with Linux but resolved it so all endpoints were fully operational within three months.
What's my experience with pricing, setup cost, and licensing?
The pricing is a little bit on the expensive side, so I rate it a seven out of ten.
What other advice do I have?
The solution is solid and measures up against other products. I rate the solution an eight out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Sr. Cybersecurity Solutions Architect at a computer software company with 201-500 employees
It provides a whole new level of visibility and integrates with most other vendors
Pros and Cons
- "Cortex covers everything I need. It's a perfect solution. Cortex provides a different level of visibility because it's an extended EDR, allowing you to grab logs from the network and firewalls. Palo Alto invented the concept of the extended EDR or XDR."
- "The price could be a little lower."
What is most valuable?
Cortex covers everything I need. It's a perfect solution. Cortex provides a different level of visibility because it's an extended EDR, allowing you to grab logs from the network and firewalls. Palo Alto invented the concept of the extended EDR or XDR.
What needs improvement?
The price could be a little lower.
For how long have I used the solution?
I have been using Cortex for four years.
How are customer service and support?
Palo Alto provides on-the-ground and remote support. They have a local team on the ground and teams in India or other countries. Their support is excellent, and they know what they're doing.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
Some of my customers have McAfee, Symantec, or Kaspersky. Palo Alto can integrate with other vendors, so it's not locked to one single vendor. Other vendors like Trend Micro, Bitdefender, CrowdStrike, etc. have limitations on log collection from other places. On Palo Alto's datasheet, it tells you that it can talk to Check Point, Fortinet, etc. It's pretty awesome. I believe this is a huge advantage that allows us to implement Cortex anywhere.
How was the initial setup?
I rate Cortex XDR 10 out of 10 for ease of setup. It can be deployed on-prem or on the cloud. It's an easy process that doesn't take long.
What other advice do I have?
I rate Cortex XDR 10 out of 10.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner/Implementer
Divisional Operations Director at a tech vendor with 1,001-5,000 employees
Allows us to create queries for investigation, provides good visibility, and has been able to see every single threat
Pros and Cons
- "The live terminal is probably the best thing ever. It gives you the access to get straight onto any machine."
- "It tends to do 99.9% of things. The only thing I'd like is single sign-on authentication into their cloud platform so that my users can be properly authenticated against it."
What is our primary use case?
Officially, I'm an MSP, but I also host it for our own internal software. I've got XDR installed on 26,000 devices. It is used for threat prevention, policy enforcement, firewall rules, and DLP. We use it for pretty much everything. Our firewalls also integrate with XDR.
We use XDR Pro. It is in the cloud, and we have got version 7 at the moment, which is probably the latest update of it.
How has it helped my organization?
The key thing is the visibility of what's going on in our networks and on our end devices. It gives us visibility.
It provides the ability to query. I can query for any file or any IOC on any of the devices installed, and it will search for a data link.
What is most valuable?
The live terminal is probably the best thing ever. It gives you the access to get straight onto any machine.
In general, it has been able to see every single threat that has ever come up and it helps us stop it.
I've used it for a great many years now, and it worked really well. From the Palo Alto side, whatever they buy, they integrate that really well into their integration suite, and that makes a massive difference.
What needs improvement?
The onboarding process could be better.
It tends to do 99.9% of things. The only thing I'd like is single sign-on authentication into their cloud platform so that my users can be properly authenticated against it.
What do I think about the stability of the solution?
Its stability is very good.
What do I think about the scalability of the solution?
Its scalability is very good. It is on my servers as well as my end users. I've got five and a half thousand end-users plugged in, and they're all on, and then I have 26,000 servers on it as well.
How are customer service and support?
I would rate them a 9 out of 10. The only reason why they lose a point is that if I escalate, it gets done really quickly. I've got all the various contacts I could ever need inside Palo Alto, but some of my other colleagues don't have that same level of contact. So, if I'm doing it, it is rapid, but if they're doing it, it is slower.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I've worked with Carbon Black, which Cortex XDR beats hands down. The reason it beats it hands down is because of the ability to query. I couldn't do that with Carbon Black. For me, that was a genuine issue with Carbon Black. That was one of the main reasons why we've literally moved 22,000 devices off Carbon Black into Cortex XDR.
We also use Sophos, McAfee, and BitDefender. As a group, we buy multiple companies a year. So, we come across most of them.
If it is my own device, I would love to have Cortex, but I can't buy one license. I have to buy a minimum of 250 licenses. So, I normally go for something like BitDefender because it has the least amount of bloatware.
How was the initial setup?
It is straightforward. It is pretty much out of the box. It works how you want it to work. So, you can't really ask for more.
It is also easy to maintain.
What about the implementation team?
It was implemented in-house.
What was our ROI?
In the company I'm in, we make software. On that basis, we've gone for what we need to make sure our software and all of our customer data are secure. That drives us more than the ROI. It may sound a little weird, but it is the way we run because, for us, the ROI is almost pointless if we lose all our data.
What's my experience with pricing, setup cost, and licensing?
I have the full Pro Prevent license. So, I've got post analytics, forensics, and the whole lot of it.
What other advice do I have?
My advice to others who would like to start working with Cortex is to not dip your toe in the water. Go big or go home. If you integrate everything in, you'll get fantastic results. You shouldn't do some bits here and there. You need to use their ecosystem as a whole. If you're in their entire ecosystem, the results are amazing.
I would rate it a 10 out of 10.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Security Specialist at a media company with 1,001-5,000 employees
Good pricing and an easy initial setup but needs better internal attack detection
Pros and Cons
- "The initial setup isn't too bad."
- "If they had pulse rate detection, it would be better."
What is our primary use case?
We primarily use the solution for security.
What is most valuable?
We're trying to explore Cortex's possibility to detect digital forensics and the source of the issues.
The initial setup isn't too bad.
What needs improvement?
I have run into some detection issues with Cortex XDR.
If they had pulse rate detection, it would be better.
The whole state IPS should be better.
It needs to be better at detection of internal attacks.
For how long have I used the solution?
We started using the solution in about 2019 or 2020. It's been around two or three years.
What do I think about the stability of the solution?
The stability is pretty good except for one or two cases. Based on the performance, it's been okay. It's got pretty high performance. There are no bugs or glitches. It doesn't crash or freeze.
What do I think about the scalability of the solution?
We have around 4,500 users on the solution currently. It usually handles around 1,400 people. We have these devices across many departments.
The solution has the capability to scale. A company can expand it as necessary.
How are customer service and support?
I've contacted technical support one or two times and found that their support is very fast to respond. They are helpful in each case. We are very satisfied with their level of service.
Which solution did I use previously and why did I switch?
We used to use Symantec. We have since stopped.
Symantec can easily be put on a USB device, and then they can check it all to scan within the computer. However, we tried to submit a case for a feature enhancement, and, after two or three years, they still do not have this feature enabled and available.
How was the initial setup?
The initial setup isn't overly difficult on the cloud. We do not wish to have endpoint clients plow into our internal environment. The deployment shouldn't take up too much manpower.
What's my experience with pricing, setup cost, and licensing?
The pricing is pretty good. It's reasonable. I'd rate it four out of five. Of course, it could always be a bit lower.
What other advice do I have?
I'm a customer and end-user.
I'd rate the solution seven out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.