Cortex XDR by Palo Alto Networks Reviews

We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us.

The one area which should improve is not on the user side but on the product itself. Currently, if you use Palo Alto endpoint protection as the only solution it's very complicated to remove pre-existing threats. For example, if you had something that was not detected by the former solution, and you install Palo Alto, you will have some difficulty removing the virus with the Palo Alto tool. It would be helpful if they had a tool for removing a virus or threat in these cases.

The solution is very stable. We have about 350 licenses across all our PCs, and of course, only administrators are allowed to plug in.

Scalability is not an easy question. For us, Palo Alto traps is running on a good environment, so if we have a plan to expand we just adjust the environment and from the Palo Alto side, it is not a problem at all. The only thing I have to do is update the license file and it should work. But in the case of a bigger expansion, you have to separate the servers. For us, it is not a problem at all if we decide to scale Palo Alto traps.

Support response was very fast. I'm satisfied with the support.

If you have been educated in Palo Alto, the initial setup is very easy. Without an education it depends. It can be difficult, it depends on the knowledge of the installer.

We use the on-prem version, not the cloud version of Palo Alto.

We use it daily but we have logs. Normally, if we have an incident in detection from a wire system, there's more effort. But typically it would take about ten minutes in order to check the logs and it's not complex at all. But if you have some threats or viruses then, of course, maintenance takes longer.

In terms of advice, I'd say it depends on the usage of the PCs. For us to use in the main production, Palo Alto benefited us. It was easy to install and performance of the traps themselves are very good. In most cases, you don't have to worry about the performance of the PC at all. Palo Alto Traps takes up very few resources.

I would rate this solution 9 out of 10.

It has just been about a month.

It is mainly for monitoring and/or logging. We look at it to see if there are any log incidents. 

We are using its latest version. It is deployed as a hybrid.

Monitoring is most valuable.

In terms of areas of improvement, we have not completed our review of the product. We're also looking at other products. So, it's a little bit hard to tell what could be different because we have not completed the review of this product, but based on our experience so far, its implementation is quite complex.

In terms of new features, we don't have any functions or features that we would like to add at the moment. 

It is looking promising in terms of scalability, but we have not looked into it further because we are still in the process of learning and getting some experience.

Currently, there are just two users of this solution. They are IT specialists.

Its initial setup is quite complex. In terms of complexity, I would rate it a four and a half out of five.

I am using the Community edition.

My advice for people who are looking into implementing this system is that they should be aware of the complexity of the installation and the management of the system. I would preferably buy this from a partner.

We have not yet completed our review of the product. At this time, I would rate it a five out of 10.

We are in the testing stage of using Cortex XDR by Palo Alto Networks. We are using it in order to ensure the corporate network servers are protected. Additionally, we need to use a specialized tool.

Cortex XDR by Palo Alto Networks is easy to use and does not consume a lot of hardware resources. 

Cortex analyzes the network and users to detect additional risks and threats that the other vendor's solutions don't detect.

We have found that there are times Cortex XDR by Palo Alto Networks does not detect some of the viruses, we have to use another protection solution called Kaspersky.

The tool should have the ability to test an environment to see what percentage it is secure against threats, such as ransomware. This would allow for adjustments to be made to the network for more security. We don't have the capability to test the networks daily there should be a parameter in order to report on the healthy of the network for security vulnerabilities.

I have been using Cortex XDR by Palo Alto Networks for approximately two weeks.

Cortex XDR by Palo Alto Networks is highly stable. 

We don't have any user reports suggesting that there is a high level of resource consumption.

In regard to the scalability, the tool could have additional agents to provide a full installation in the company. This would make the installation much easier when scaling the solution, we should not have to use another tool.

The installation approach is to do it one computer at a time, but if Cotex could provide an additional tool in order for us to reach all the elements of the network would be very helpful. It should be done automatically. I understand that if the tool has the capability to analyze the network, it should be able to read the computers' elements in the network and in other ways.

The support is very efficient and professional. They have provided us with the tools and the basic elements to understand how the solution works. They have helped us prepare some specifics for our installation.

We use the Kaspersky protection solution. Kaspersky works based on blacklists, if you are on the blacklist it is working well but if you are not Kaspersky does not work.

The installation of Cortex XDR by Palo Alto Networks is easy. The setup is not complicated.

It would be a good idea for the company to provide at their website videos that are translated in Spanish related to technical skills. This would be very useful and would have a lot of value.

The world in commercial terms, speaks English, we have to understand that with tools such as this, if the solution was in other languages more companies would be able to exploit the tool. If we don't have this information in our native language, we will not use the tool to its full potential.

In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage.

I recommend that the company review the pricing model in the Latin American market. They need to determine how to impose, or how to bring a more accessible cost in order to accelerate the implementations in American countries.

We have been comparing Cortex XDR by Palo Alto Networks to Cisco solutions.

It is important to have security tools in order to review, monitoring and hunt the potential attacks. We have found in our test Cortex XDR by Palo Alto Networks to be a very good tool.

It's an efficient solution. I recommend this solution to my business partners and other companies.

I rate Cortex XDR by Palo Alto Networks a ten out of ten.

Other solutions I have used I would rate a seven out of ten. There is not something that comes close to this solution.

It's mainly for protection against malware. We work very closely with a major partner of Palo Alto in the Czech Republic, and we have experience with the whole XDR solution. It's very useful for us and a very capable solution.

Clients have a big problem with phishing campaigns and phishing attacks. Cortex XDR provides some level of protection against malware spreading in the network with a wrong click of users.

Cortex XDR is a very capable solution for protecting large networks and a lot of endpoints. It's very useful because the automation is very high, and if you combine it with the features on Palo Alto firewalls, it provides very strong protection.

Its price is too high. That's a big problem for customers.

It's more focused on network communication. If a customer wants to increase the level of protection and start working with documents, it's impossible to integrate these features into the system. It's more of a communication-oriented system than a content security-oriented system.

In terms of additional features, there is very strong development. I have seen the roadmap, and we will see what happens. The roadmap looks nice, but it's still more of a network security solution than a content-security solution. The development in network security is quite strong. I'm very happy with that, but if a customer would like to implement a zero-trust security concept, it's necessary to combine this solution with other vendors. There is some part of the integration that is not so easy because you have to integrate rules and some features. It's not so automatic in network communication. You have to make some appropriate automation there, or you have to do it manually. It's time-consuming and it's also expensive.

I have been using it from the beginning. It has been more than six years.

It's a very stable solution. I would rate it a nine out of ten in terms of stability.

It's a very scalable solution. If you compare it with a SIEM solution from Palo Alto, it's very powerful. I would rate it a nine out of ten in terms of scalability. It's definitely for enterprises.

Their technical support is not bad, but sometimes, when we have some issues, the support teams from Europe or Central Europe are not able to help us. We have to escalate the issue somewhere else, such as to the US. They have a very strong support team there, but it's time-consuming. Sometimes, it takes them days or weeks to solve some tricky problems, but their support for standard issues is okay. There is a very good response, but for a technical issue, it's sometimes more difficult. I would rate their support a seven out of ten.

Neutral

I also worked a little bit with SentinelOne. Cortex XDR is very similar to the SentinelOne solution from the features point of view. It's a little bit different technology, but both solutions are very capable.

It's somewhere in the middle. It's not for beginners, but if you know what to do, it's quite easy.

It's a cloud-based solution, which sometimes is an issue for customers. In the past, it was on-prem, but Palo Alto decided to change the policy and everything is cloud-based or located in the cloud. It's not a security problem from my point of view, but a few customers feel uncomfortable with sending data to the cloud and back.

Very often, it's an in-house implementation.

It's the most expensive solution, but features-wise, it's quite strong. It's very good for protection, so the results are very good in the case of protection. I would rate it a two out of ten in terms of pricing.

Overall, I would rate it an eight out of ten.

We are using Cortex XDR by Palo Alto Networks as an endpoint solution.

One thing that I like about Cortex XDR is its ability to detect all the suspicious or malicious binaries, and it can integrate with Palo Alto Firewall. 

I have been using the product for about three and a half years.

The stability is very good.

It is scalable for those who use it.

If they want to do a POC, they can look for other market trenders that are there like Trend Micro. They also have their XDR solution. FireEye also has its XDR solution. They should do a comparison on what is based on their requirement. Based on their requirement, they should select the vendor. We saw that there were quite a few ransomware attacks that were not detected by traditional antivirus, so we moved to the Palo Alto solution. Likewise, the companies who want to implement EDR solutions, have to look at the problem statement. Based on their problem statement, they should work and find out a feasible solution.

The setup is quite easy. We had appropriate support from the manager. One thing that was missing was the integration part. Currently, they don't have out-of-box integration with IBM QRadar, or if they have the integration, the integration doesn't work well. That is something that they have to look at going forward.

It took around three to four weeks, because there was a full process change, and then we had to get approval for getting it deployed. 

I would rate Cortex XDR by Palo Alto Networks a nine out of ten.

I am an integrator. I deploy and implement solutions for our customers.

It is a simple platform to use.

The dashboard is good, it's very clean and very simple to read. The information the dashboard provides is very clear.

This solution is not complete enough to help us. We use a different platform that provides us with more information.

In my opinion, it is not a very complete program. I prefer to work with Carbon Black. It's a better solution as well as Cynet. For example, I use Cynet when I check installations, which provides me with more information. It is not easy to use for beginners, but it provides me with more information, which is lacking in Cortex. When it comes to core analysis, and security analysis, Cortex needs to provide more information. Cynet is a complete platform in my opinion.

We are ready to use a new solution called Deep Instinct. It's a new concept of the security platform. It's a very new company from the USA.

I would like to see a feature that allows you to check the endpoints included. I am currently having trouble checking the endpoints when using Cortex. Including this feature would benefit the platform's endpoints.

Cortex XDR by Palo Alto Networks is absolutely stable.

Cortex XDR by Palo Alto Networks is a scalable platform.

I am currently using QRadar in more than one enterprise, as well as Cynet, and Darktrace. We also use all of the Microsoft platforms with QRadar.

I have a team working on this solution. So I assisted a customer in deploying and implementing this solution. My colleague and I have formed a team. I am a SOC manager, my new role is that of a SOC manager. I don't use it directly, but I try to assist my colleague in working with more enterprises or customers. We have, I believe, five or six different IBM QRadar platforms.

We use several solutions and they are all good, but each one is different.

Cynet is a good platform, but helpful for my team because it is not simple to understand.

I would rate Cortex XDR by Palo Alto Networks a seven out of ten.

I primarily use Cortex XDR for endpoint security.

PALO ALTO CORTEX XDR brings visibility of all activity going in end point system and server. This helps us to investigate and take corrective action by blocking and allowing necessary services in the system. 

Alerts regarding the incidence happening in system and easy to block and allow the services and external device control.

An area for improvement is the remote connection for administrators - this is available in the current version but is limited as it's a command-based model rather than GUI-based.

I have been using Cortex XDR for around four months.

Cortex XDR is stable.

The product is really easy to scale.

Good support and services

Positive

Previously, I used McAfee Antivirus, Memory utilization very high which doesn't yet have virtualization or a dashboard. I found that product to be a little difficult, and it was not linked to a real solution, so I decided to go with Cortex XDR as it's one of the best XDR solutions for security.

The initial setup is a little complex because it requires a lot of preparation in terms of understanding each system and going through the documentation and dashboards.

I implemented with the help of one partner who did the basic configuration of our firewall. Deployment took approximately ten days.

Security of systems

This is a very costly product.

We have evaluated Cynet, Crowed Strike and Sentinel.

Cortex is the best solution for avoiding security breaches, malware attacks, and other kinds of security issues. I would rate this solution as eight out of ten.

I primarily use Cortex XDR to protect end-users from ransomware, malware, spam, and phishing.

Cortex XDR alerts us on the dashboard when there's a threat, which allows us to restrict that user and helps secure our infrastructure.

Cortex XDR's most valuable feature is its intelligence-based dashboards.

Cortex XDR could be improved with more GUI features.

I've been using Cortex XDR for a year.

Cortex XDR is quite stable.

Cortex XDR is scalable.

Cortex XDR's technical support is really good, though their knowledge of endpoint protection could be deeper.

Positive

The initial setup was quite straightforward, and deployment took two to three days.

We used an in-house team.

Cortex XDR's pricing is ok. We pay about $20 a year for our license.

I would give Cortex XDR a rating of eight out of ten.