Try our new research platform with insights from 80,000+ expert users
Information Technology Corporate Manager at a consumer goods company with 1,001-5,000 employees
Real User
Easy to use, light on resources, and reliable
Pros and Cons
  • "Cortex XDR by Palo Alto Networks is easy to use and does not consume a lot of hardware resources."
  • "We have found that there are times Cortex XDR by Palo Alto Networks does not detect some of the viruses, we have to use another protection solution called Kaspersky."

What is our primary use case?

We are in the testing stage of using Cortex XDR by Palo Alto Networks. We are using it in order to ensure the corporate network servers are protected. Additionally, we need to use a specialized tool.

What is most valuable?

Cortex XDR by Palo Alto Networks is easy to use and does not consume a lot of hardware resources. 

Cortex analyzes the network and users to detect additional risks and threats that the other vendor's solutions don't detect.

What needs improvement?

We have found that there are times Cortex XDR by Palo Alto Networks does not detect some of the viruses, we have to use another protection solution called Kaspersky.

The tool should have the ability to test an environment to see what percentage it is secure against threats, such as ransomware. This would allow for adjustments to be made to the network for more security. We don't have the capability to test the networks daily there should be a parameter in order to report on the healthy of the network for security vulnerabilities.

For how long have I used the solution?

I have been using Cortex XDR by Palo Alto Networks for approximately two weeks.

Buyer's Guide
Cortex XDR by Palo Alto Networks
April 2025
Learn what your peers think about Cortex XDR by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,716 professionals have used our research since 2012.

What do I think about the stability of the solution?

Cortex XDR by Palo Alto Networks is highly stable. 

We don't have any user reports suggesting that there is a high level of resource consumption.

What do I think about the scalability of the solution?

In regard to the scalability, the tool could have additional agents to provide a full installation in the company. This would make the installation much easier when scaling the solution, we should not have to use another tool.

The installation approach is to do it one computer at a time, but if Cotex could provide an additional tool in order for us to reach all the elements of the network would be very helpful. It should be done automatically. I understand that if the tool has the capability to analyze the network, it should be able to read the computers' elements in the network and in other ways.

How are customer service and support?

The support is very efficient and professional. They have provided us with the tools and the basic elements to understand how the solution works. They have helped us prepare some specifics for our installation.

Which solution did I use previously and why did I switch?

We use the Kaspersky protection solution. Kaspersky works based on blacklists, if you are on the blacklist it is working well but if you are not Kaspersky does not work.

How was the initial setup?

The installation of Cortex XDR by Palo Alto Networks is easy. The setup is not complicated.

It would be a good idea for the company to provide at their website videos that are translated in Spanish related to technical skills. This would be very useful and would have a lot of value.

The world in commercial terms, speaks English, we have to understand that with tools such as this, if the solution was in other languages more companies would be able to exploit the tool. If we don't have this information in our native language, we will not use the tool to its full potential.

What's my experience with pricing, setup cost, and licensing?

In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage.

I recommend that the company review the pricing model in the Latin American market. They need to determine how to impose, or how to bring a more accessible cost in order to accelerate the implementations in American countries.

Which other solutions did I evaluate?

We have been comparing Cortex XDR by Palo Alto Networks to Cisco solutions.

What other advice do I have?

It is important to have security tools in order to review, monitoring and hunt the potential attacks. We have found in our test Cortex XDR by Palo Alto Networks to be a very good tool.

It's an efficient solution. I recommend this solution to my business partners and other companies.

I rate Cortex XDR by Palo Alto Networks a ten out of ten.

Other solutions I have used I would rate a seven out of ten. There is not something that comes close to this solution.

Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
MartinPulpan - PeerSpot reviewer
Owner and Executive Director at Cloud 9 s.r.o.
Real User
Good features, strong protection, and very scalable and stable
Pros and Cons
  • "Cortex XDR is a very capable solution for protecting large networks and a lot of endpoints. It's very useful because the automation is very high, and if you combine it with the features on Palo Alto firewalls, it provides very strong protection."
  • "It's more focused on network communication. If a customer wants to increase the level of protection and start working with documents, it's impossible to integrate these features into the system. It's more of a communication-oriented system than a content security-oriented system."

What is our primary use case?

It's mainly for protection against malware. We work very closely with a major partner of Palo Alto in the Czech Republic, and we have experience with the whole XDR solution. It's very useful for us and a very capable solution.

How has it helped my organization?

Clients have a big problem with phishing campaigns and phishing attacks. Cortex XDR provides some level of protection against malware spreading in the network with a wrong click of users.

What is most valuable?

Cortex XDR is a very capable solution for protecting large networks and a lot of endpoints. It's very useful because the automation is very high, and if you combine it with the features on Palo Alto firewalls, it provides very strong protection.

What needs improvement?

Its price is too high. That's a big problem for customers.

It's more focused on network communication. If a customer wants to increase the level of protection and start working with documents, it's impossible to integrate these features into the system. It's more of a communication-oriented system than a content security-oriented system.

In terms of additional features, there is very strong development. I have seen the roadmap, and we will see what happens. The roadmap looks nice, but it's still more of a network security solution than a content-security solution. The development in network security is quite strong. I'm very happy with that, but if a customer would like to implement a zero-trust security concept, it's necessary to combine this solution with other vendors. There is some part of the integration that is not so easy because you have to integrate rules and some features. It's not so automatic in network communication. You have to make some appropriate automation there, or you have to do it manually. It's time-consuming and it's also expensive.

For how long have I used the solution?

I have been using it from the beginning. It has been more than six years.

What do I think about the stability of the solution?

It's a very stable solution. I would rate it a nine out of ten in terms of stability.

What do I think about the scalability of the solution?

It's a very scalable solution. If you compare it with a SIEM solution from Palo Alto, it's very powerful. I would rate it a nine out of ten in terms of scalability. It's definitely for enterprises.

How are customer service and support?

Their technical support is not bad, but sometimes, when we have some issues, the support teams from Europe or Central Europe are not able to help us. We have to escalate the issue somewhere else, such as to the US. They have a very strong support team there, but it's time-consuming. Sometimes, it takes them days or weeks to solve some tricky problems, but their support for standard issues is okay. There is a very good response, but for a technical issue, it's sometimes more difficult. I would rate their support a seven out of ten.

How would you rate customer service and support?

Neutral

Which solution did I use previously and why did I switch?

I also worked a little bit with SentinelOne. Cortex XDR is very similar to the SentinelOne solution from the features point of view. It's a little bit different technology, but both solutions are very capable.

How was the initial setup?

It's somewhere in the middle. It's not for beginners, but if you know what to do, it's quite easy.

It's a cloud-based solution, which sometimes is an issue for customers. In the past, it was on-prem, but Palo Alto decided to change the policy and everything is cloud-based or located in the cloud. It's not a security problem from my point of view, but a few customers feel uncomfortable with sending data to the cloud and back.

What about the implementation team?

Very often, it's an in-house implementation.

What's my experience with pricing, setup cost, and licensing?

It's the most expensive solution, but features-wise, it's quite strong. It's very good for protection, so the results are very good in the case of protection. I would rate it a two out of ten in terms of pricing.

What other advice do I have?

Overall, I would rate it an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Buyer's Guide
Cortex XDR by Palo Alto Networks
April 2025
Learn what your peers think about Cortex XDR by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: April 2025.
848,716 professionals have used our research since 2012.
Team Lead at MindTree
Real User
Setup is easy, detects malicious binaries, and is stable
Pros and Cons
  • "One thing that I like about Cortex XDR by Palo Alto Networks, it is detecting all the suspicious or malicious binaries, and it has integration with Palo Alto Firewall."
  • "The setup is quite easy. We had appropriate support from the manager. One thing that was missing was the integration part."

What is our primary use case?

We are using Cortex XDR by Palo Alto Networks as an endpoint solution.

What is most valuable?

One thing that I like about Cortex XDR is its ability to detect all the suspicious or malicious binaries, and it can integrate with Palo Alto Firewall. 

For how long have I used the solution?

I have been using the product for about three and a half years.

What do I think about the stability of the solution?

The stability is very good.

What do I think about the scalability of the solution?

It is scalable for those who use it.

Which solution did I use previously and why did I switch?

If they want to do a POC, they can look for other market trenders that are there like Trend Micro. They also have their XDR solution. FireEye also has its XDR solution. They should do a comparison on what is based on their requirement. Based on their requirement, they should select the vendor. We saw that there were quite a few ransomware attacks that were not detected by traditional antivirus, so we moved to the Palo Alto solution. Likewise, the companies who want to implement EDR solutions, have to look at the problem statement. Based on their problem statement, they should work and find out a feasible solution.

What's my experience with pricing, setup cost, and licensing?

The setup is quite easy. We had appropriate support from the manager. One thing that was missing was the integration part. Currently, they don't have out-of-box integration with IBM QRadar, or if they have the integration, the integration doesn't work well. That is something that they have to look at going forward.

It took around three to four weeks, because there was a full process change, and then we had to get approval for getting it deployed. 

What other advice do I have?

I would rate Cortex XDR by Palo Alto Networks a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
SOC Manager at Nais Srl
Real User
Good dashboard, and is easy to use, but is not very informative, or complete
Pros and Cons
  • "The information the dashboard provides is very clear."
  • "When it comes to core analysis, and security analysis, Cortex needs to provide more information."

What is our primary use case?

I am an integrator. I deploy and implement solutions for our customers.

What is most valuable?

It is a simple platform to use.

The dashboard is good, it's very clean and very simple to read. The information the dashboard provides is very clear.

What needs improvement?

This solution is not complete enough to help us. We use a different platform that provides us with more information.

In my opinion, it is not a very complete program. I prefer to work with Carbon Black. It's a better solution as well as Cynet. For example, I use Cynet when I check installations, which provides me with more information. It is not easy to use for beginners, but it provides me with more information, which is lacking in Cortex. When it comes to core analysis, and security analysis, Cortex needs to provide more information. Cynet is a complete platform in my opinion.

We are ready to use a new solution called Deep Instinct. It's a new concept of the security platform. It's a very new company from the USA.

I would like to see a feature that allows you to check the endpoints included. I am currently having trouble checking the endpoints when using Cortex. Including this feature would benefit the platform's endpoints.

What do I think about the stability of the solution?

Cortex XDR by Palo Alto Networks is absolutely stable.

What do I think about the scalability of the solution?

Cortex XDR by Palo Alto Networks is a scalable platform.

Which solution did I use previously and why did I switch?

I am currently using QRadar in more than one enterprise, as well as Cynet, and Darktrace. We also use all of the Microsoft platforms with QRadar.

I have a team working on this solution. So I assisted a customer in deploying and implementing this solution. My colleague and I have formed a team. I am a SOC manager, my new role is that of a SOC manager. I don't use it directly, but I try to assist my colleague in working with more enterprises or customers. We have, I believe, five or six different IBM QRadar platforms.

We use several solutions and they are all good, but each one is different.

Cynet is a good platform, but helpful for my team because it is not simple to understand.

What other advice do I have?

I would rate Cortex XDR by Palo Alto Networks a seven out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
PeerSpot user
Zubair Ahmad - PeerSpot reviewer
Senior Chief Manager at Arcil
Real User
Top 5
Stable, scalable, and best for avoiding security issues
Pros and Cons
  • "Best solution for avoiding security breaches, malware attacks, and other kinds of security issues."
  • "Limited remote connection."

What is our primary use case?

I primarily use Cortex XDR for endpoint security.

How has it helped my organization?

PALO ALTO CORTEX XDR brings visibility of all activity going in end point system and server. This helps us to investigate and take corrective action by blocking and allowing necessary services in the system. 

What is most valuable?

Alerts regarding the incidence happening in system and easy to block and allow the services and external device control.

What needs improvement?

An area for improvement is the remote connection for administrators - this is available in the current version but is limited as it's a command-based model rather than GUI-based.

For how long have I used the solution?

I have been using Cortex XDR for around four months.

What do I think about the stability of the solution?

Cortex XDR is stable.

What do I think about the scalability of the solution?

The product is really easy to scale.

How are customer service and support?

Good support and services

How would you rate customer service and support?

Positive

Which solution did I use previously and why did I switch?

Previously, I used McAfee Antivirus, Memory utilization very high which doesn't yet have virtualization or a dashboard. I found that product to be a little difficult, and it was not linked to a real solution, so I decided to go with Cortex XDR as it's one of the best XDR solutions for security.

How was the initial setup?

The initial setup is a little complex because it requires a lot of preparation in terms of understanding each system and going through the documentation and dashboards.

What about the implementation team?

I implemented with the help of one partner who did the basic configuration of our firewall. Deployment took approximately ten days.

What was our ROI?

Security of systems

What's my experience with pricing, setup cost, and licensing?

This is a very costly product.

Which other solutions did I evaluate?

We have evaluated Cynet, Crowed Strike and Sentinel.

What other advice do I have?

Cortex is the best solution for avoiding security breaches, malware attacks, and other kinds of security issues. I would rate this solution as eight out of ten.

Which deployment model are you using for this solution?

Private Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
PeerSpot user
Disha Shah - PeerSpot reviewer
Technical Associate at HTH Global Network
Real User
Great threat detection capabilities and good internal threat intelligence
Pros and Cons
  • "Has great threat detection capabilities."
  • "The encryption is not up to the mark."

What is our primary use case?

This solution is a next-generation antivirus with more advanced capability and security. We have a partnership with Palo Alto.

What is most valuable?

Cortex XDR is very easy to deploy and has great threat detection capabilities and good internal threat intelligence.

It uses advanced AI analytics, behavior analytics, and custom-made detection to detect advanced threats before they occur.

If a customer says it's expensive- let's say I will say no it is not. Other values are added then it is more reasonable having strong features.

With a click, I can access the system and isolate it from other networks, and then go into a further forensic investigation of the current threat without compromising anything else.

Its stitches with external logs are perfect and enhanced.

What needs improvement?

1. Disk Encryption capability.

2. User group-wise admin role. They have module-wise roles but a user group-wise role is not available.

For how long have I used the solution?

We've been supplying this solution to customers for two years. 

What do I think about the stability of the solution?

I have found this solution as NG AV is most stable compare with other solution

What do I think about the scalability of the solution?

The scalability is perfect.

How was the initial setup?

The initial setup is very easy.

What about the implementation team?

We implemented the solution with a vendor team, HTH Global Network. Their expertise is an eight out of ten.

What other advice do I have?

I recommend this solution, it works well and I rate it a nine out of ten.

Which deployment model are you using for this solution?

Hybrid Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
Jitendra_Singh - PeerSpot reviewer
Senior Vice President at Chi Networks
Real User
Top 5
Helps to secure your infrastructure
Pros and Cons
  • "Cortex XDR's most valuable feature is its intelligence-based dashboards."
  • "Cortex XDR could be improved with more GUI features."

What is our primary use case?

I primarily use Cortex XDR to protect end-users from ransomware, malware, spam, and phishing.

How has it helped my organization?

Cortex XDR alerts us on the dashboard when there's a threat, which allows us to restrict that user and helps secure our infrastructure.

What is most valuable?

Cortex XDR's most valuable feature is its intelligence-based dashboards.

What needs improvement?

Cortex XDR could be improved with more GUI features.

For how long have I used the solution?

I've been using Cortex XDR for a year.

What do I think about the stability of the solution?

Cortex XDR is quite stable.

What do I think about the scalability of the solution?

Cortex XDR is scalable.

How are customer service and support?

Cortex XDR's technical support is really good, though their knowledge of endpoint protection could be deeper.

How would you rate customer service and support?

Positive

How was the initial setup?

The initial setup was quite straightforward, and deployment took two to three days.

What about the implementation team?

We used an in-house team.

What's my experience with pricing, setup cost, and licensing?

Cortex XDR's pricing is ok. We pay about $20 a year for our license.

What other advice do I have?

I would give Cortex XDR a rating of eight out of ten.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
PeerSpot user
Information Technology Consultant at Trillennium (Pvt) Ltd
Reseller
Excellent technical support, straightforward implementation, and cutting-edge technology
Pros and Cons
  • "When the pandemic started, Palo Alto came up with many solutions, which helped with the quick shift from on-premises to the cloud."
  • "In general, the price could be more competitive."

What is our primary use case?

We are not using it for our purposes because we are a Palo Alto partner. We propose it for our customers based on their requirements.

We are both a service provider and a reseller.

When the pandemic first began, the use cases were mostly for remote users. We deployed this for the majority of remote users.

What is most valuable?

When the pandemic started, Palo Alto came up with many solutions, which helped with the quick shift from on-premises to the cloud. We have a lot of advantages as a result.

It's a very simple implementation, and I have direct Palo Alto implementation available as well. So it's very simple. We haven't found any issues, so far the implementation is going well, I don't see any gaps.

What needs improvement?

In general, the price could be more competitive.

For how long have I used the solution?

In Palo Alto, we also work with all product lines, including Prisma and other product lines as required. Is a mix, it's a subproduct, we work with the mix of products.

We have been working with Cortex XDR by Palo Alto Networks for two to three years.

We get updates from Palo Alto directly.

What do I think about the stability of the solution?

Cortex XDR by Palo Alto Networks is a stable product.

What do I think about the scalability of the solution?

It's a scalable solution, we have not had any challenges with the scalability of Cortex XDR by Palo Alto Networks.

Our customers range from medium to large enterprise companies. The adoption rate in small businesses is much less, but the majority of our requirements come from mid-to enterprise-sized businesses.

How are customer service and support?

Technical support is the best in class, in my opinion, because they have invested heavily in research and development. In terms of comparison and today's challenges, such as security and layers, Palo Alto complies with all of the challenges.

Which solution did I use previously and why did I switch?

In terms of Security, we are working with a few products and a few brands.

We use Palo Alto and we also work with Barracuda. These solutions are used on the web firewall and for email protection.

We work with the entire Barracuda product line, but specifically for email protection and web filtering.

Barracuda Essentials is included with O365 protections, we work with those solutions. 

Palo Alto is part of a different vertical layer than Barracuda. It's distinct. They are very different.

How was the initial setup?

The initial setup depends on the environment, but as a technology, I would say it's simple. It's not that difficult.

The length of time it takes for deployment is determined by the project and the surrounding environment. We can only determine the timeframe based on that, pinpointing a specific time period is difficult.

It does not require maintenance because regular updates and monitoring are required. So if there is anything, new patches and the like, it is done automatically, and there is no additional implementation unless there are any infrastructure changes.

What's my experience with pricing, setup cost, and licensing?

In comparison to other competing products, it is based on the customer's needs and the environment. However, when compared to other products, the price is slightly higher, but when considering technology and new innovation, that is the plus I would say when it comes to being XDR.

The price could be more competitive because it is not on the price wall when you go and question Palo Alto XDR. It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable.

What other advice do I have?

So far, it has met all of our requirements, and it should be able to cater to a wide range of product lines.

We must first determine what their business requirements are, as well as what other technical layers we are considering, and then propose the appropriate sizing and solution.

We mostly promote Palo Alto, but it depends on the customer's needs, as well as their budget, infrastructure, and what their business requires, all of those factors come into play when recommending a solution.

When you compare it with other products, I would rate Cortex XDR by Palo Alto Networks a nine out of ten.

It's close to being rated a ten out of ten because of their level of support, and the other is the solution and the most recent technology.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
Buyer's Guide
Download our free Cortex XDR by Palo Alto Networks Report and get advice and tips from experienced pros sharing their opinions.
Updated: April 2025
Buyer's Guide
Download our free Cortex XDR by Palo Alto Networks Report and get advice and tips from experienced pros sharing their opinions.