My primary use of this solution is as an endpoint security client.
EMEA IT Infrastructure Manager at a consumer goods company with 5,001-10,000 employees
Good management capabilities but has poor performance
Pros and Cons
- "The most valuable features of this product are the management capabilities, which allow an IT organization to get quite a good picture of attempted cyber attacks, and its out-of-the-box investigation capabilities."
- "Impact on system performance is horrible, adding a lot of delays for users."
- "This product has not improved my organization - in fact, we are in the process of moving back to another product as a result of Cortex's horrible impact on system performance."
What is our primary use case?
How has it helped my organization?
This product has not improved my organization - in fact, we are in the process of moving back to another product as a result of Cortex's horrible impact on system performance.
What is most valuable?
The most valuable features of this product are the management capabilities, which allow an IT organization to get quite a good picture of attempted cyber attacks, and its out-of-the-box investigation capabilities.
What needs improvement?
The product's impact on system performance is horrible, adding a lot of delays for users.
Buyer's Guide
Cortex XDR by Palo Alto Networks
June 2026
Learn what your peers think about Cortex XDR by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.
902,988 professionals have used our research since 2012.
For how long have I used the solution?
I have been using this solution for four months.
How was the initial setup?
The onboarding process was quite cumbersome. It took some time to deploy as we had to investigate about 500 cases of clients who did not get the agent immediately.
What about the implementation team?
I implemented using a vendor team.
What other advice do I have?
I would rate this solution as five out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Digital Business Solutions Manager at Bahrain Telecommunication Company BSC (Batelco)
A stable and scalable extended detection and response platform, but it would be better if they educated their customers more
Pros and Cons
- "It's a nice product that's stable and scalable."
- "Palo Alto is one of the tech vendors that always provides top-of-the-line products."
- "It would be better if they could educate the customers more. Some sort of seminars and roadshows will help educate the customers and show what the product can do. The price could be better. It would also help if they had a team for deployment and support."
What is our primary use case?
We don't have many customers moving to Cortex XDR by Palo Alto Networks. But recently, we started offering them both pro and basic options.
What is most valuable?
It's a nice product that's stable and scalable.
What needs improvement?
It would be better if they could educate the customers more. Some sort of seminars and roadshows will help educate the customers and show what the product can do. The price could be better. It would also help if they had a team for deployment and support.
What do I think about the stability of the solution?
The product is stable. Palo Alto only works on security, and the product by default is stable. They are releasing new features, OS, and an ML-based thing on the firewall itself, which is quite impressive. Palo Alto is quite stable compared to other competitors in the market.
What do I think about the scalability of the solution?
It's scalable. I see whatever is written on their datasheets, and it's all real. If I talk to some other vendor and they say that they currently provide 20 Gbps reports, but when you activate it, IPSec and all, it goes to 2 Gbps. With Palo Alto, whatever is there is working, and it's scalable.
How are customer service and technical support?
Technical support is quite good. When compared to others, I feel it's quite impressive.
What's my experience with pricing, setup cost, and licensing?
The price is on the higher side, but it's okay.
What other advice do I have?
I would tell potential users that it's a complete solution from Palo Alto with firewalls and all to give you more precise logs and information. Product-wise, it's top of the line. If you have investment, always go for that and go for the best solution.
Palo Alto is one of the tech vendors that always provides top-of-the-line products. Price-wise it will be on the higher side, but it depends on how you deal with the backend support or the account manager of Palo Alto to get that discount.
On a scale from one to ten, I would give Cortex XDR by Palo Alto Networks a seven.
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Has a centralized console and does predictive analysis of malware
Pros and Cons
- "I like the centralized console and the predictive analysis it does of malware. It is very stable and also scalable."
- "Previously, we had to install endpoint protection per machine and then scan and update, but Cortex XDR basically does that centrally and predictably, so we have more time to do day-to-day work rather than spend time chasing those endpoints."
- "It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue."
What is our primary use case?
The primary use case is mainly endpoint protection.
How has it helped my organization?
Previously, we had to install endpoint protection per machine and then scan and update. If there were any possible threats, then you would have to go manually to the machine and scan. Cortex XDR basically does that centrally and predictably.
We get notified, and if need be, we'll investigate an endpoint. For the most part, we haven't had to do a whole lot of that because most of the time, it just stops the threat before it even becomes one. So, we have more time to do day-to-day work rather than spend time chasing those endpoints.
What is most valuable?
I like the centralized console and the predictive analysis it does of malware.
It is very stable and also scalable.
It is easy to deploy and update. It does not require a lot of maintenance.
What needs improvement?
It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue. So, making exceptions would be easier and would probably be better for logging.
It would be nice if it were easier to use and if there were some free training hours.
As for additional features, I would suggest having mobile access to the console, perhaps through a mobile app for the console.
For how long have I used the solution?
I've been using it for about three years now.
What do I think about the stability of the solution?
The stability is great. I think they set the standard for SDR solutions at the moment.
What do I think about the scalability of the solution?
It's very scalable. We have it on Macs, Windows, Windows servers, and multiple flavors of Linux.
We have about 460 endpoints deployed. As far as technical users, we have a team of about 10, and that's mixed between server admins and their subsupport users.
The usage is extensive, and we've recently deployed it everywhere. We do plan on probably increasing usage because we have current consultants who use the product in order to access our systems.
How are customer service and technical support?
I wish there could have been more live contact with technical support rather than updated tickets and possible notifications via email. When I've had live encounters, it's been amazing. Sometimes, I think they could be a little bit more responsive live wise, but for the most part, it's been good.
Which solution did I use previously and why did I switch?
We previously used Sophos, and it was okay. The only thing I liked about Sophos was that it was easier to deploy to the desktop, but with Cortex XDR, once you have it already deployed, updating it is easy.
We needed something that was going to work with Macs and Linux, different products. Also, we needed something that would be more predictive versus relying on definition files that are publicly available. You don't want to be in a zero-day attack. With Cortex XDR, it's one of those where you can download any virus. It's just not going to run on your machine. Most malware products rely on a database to tell you that there's a virus file.
Sometimes, there are false positives. If it's a legit file or application that an end user is trying to download and use on their machine, it won't allow that. With Cortex XDR, however, they can download the file. It's just going to be rendered useless until you enable it and make an exception for it. It can run what identifies it and just sends you a notification saying that it's a malicious file and that it's there. It's not going to do anything to the system. That was a huge selling factor with Cortex XDR.
How was the initial setup?
The initial setup is pretty straightforward. It took a couple of hours and was pretty easy to deploy.
Once it's deployed in your system, you can push updates yourself. In the case of Macs, when you get new releases you sometimes have to tweak it and then push it out manually to end users. One admin could dedicate a couple of hours a week at best because there's not much maintenance.
What about the implementation team?
Palo Alto got on the phone with us and walked us through it. They were very helpful.
What's my experience with pricing, setup cost, and licensing?
It's about $55 per license on a yearly basis.
What other advice do I have?
Learn the product because once you deploy it and a lot of people look at it from an endpoint perspective, they get the endpoint protection instantly. However, there are other things that you need to learn more about. Once you deploy Cortex XDR, you get a subscription to a data lake, which helps you retain logs. We have Palo Alto firewalls and later on learned that we can also integrate our firewalls and get the logs.
You have a limited amount of space for log retention, but things like that are important in cases where you need to have PCI compliance or have a company policy of retaining a certain amount of logs.
So, learn all the features and ask questions, and perhaps if it's going to be something that you're going to use as an investment for your company, take a training class.
On a scale from one to ten, I would rate Cortex XDR at nine.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Microsoft Azure
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Vice President / Chief Technology Officer at Sinnott Wolach Technology Group
A stable, scalable, and user-friendly solution that comes with good support and stitches everything together to provide the actual complete picture
Pros and Cons
- "The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly. The way they have done everything and integrated all the solutions that they've purchased over the years to make it a very seamless, effective product is very good. One thing about Palo Alto is that they take the products or services that they purchase and make them seamless for the end user as compared to some companies that purchase other companies and then just kind of have their products off to the side or keep different interfaces. Palo Alto doesn't do that."
- "It has absolutely improved the way our organization functions, we are more secure, it is giving us more peace of mind, and it has found malicious activity happening on our endpoints that probably would not have been detected if we didn't have it."
- "A little bit more automation would be nice."
What is our primary use case?
We use it for our own company as well as for our clients. It is mainly used for protecting the endpoints. Like everybody else nowadays, we're all working from home, and we have access to data on the public cloud, private cloud, and on-prem. We got to make sure that we're not exposing our endpoints to anything out there that could be malicious and that could cause any problems within our networking environment.
How has it helped my organization?
It has absolutely improved the way our organization functions. We are more secure. It is giving us more peace of mind, and it is doing what it is doing. It has found malicious activity happening on our endpoints that probably would not have been detected if we didn't have it.
What is most valuable?
The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly.
The way they have done everything and integrated all the solutions that they've purchased over the years to make it a very seamless, effective product is very good. One thing about Palo Alto is that they take the products or services that they purchase and make them seamless for the end user as compared to some companies that purchase other companies and then just kind of have their products off to the side or keep different interfaces. Palo Alto doesn't do that.
What needs improvement?
A little bit more automation would be nice.
For how long have I used the solution?
We've been a reseller for Palo Alto for 13 years. I have been using it for quite a while. They had bought Cyvera for the endpoint security, which was obviously the base for Cortex XDR. I have been seeing how it actually progressed from just a straight endpoint security solution that was a little clunky at one time to a very streamlined, effective solution today.
What do I think about the stability of the solution?
It is stable. I haven't found any issues.
What do I think about the scalability of the solution?
It is extremely easy to scale. We have about 20 users, and their roles stem from sales to technical, marketing, and administrative.
How are customer service and technical support?
Palo Alto has got very good tech support. I would give them a ten out of ten.
Which solution did I use previously and why did I switch?
At one time, I tried Cylance, and it just wasn't that effective for what we needed. At the time, it wasn't really an EDR solution.
How was the initial setup?
The initial setup was very straightforward and easy.
What's my experience with pricing, setup cost, and licensing?
Its pricing is kind of in line with its competitors and everybody else out there.
What other advice do I have?
You don't have to be a Palo Alto customer to implement this solution. Some people think they have to, but no. It is a completely separate solution on its own. I would highly recommend it just because it is a complete package. It not only takes in data from your endpoint; it also takes in data from other sources that are not Palo Alto and helps to create the story about what's going on by stitching things together.
I would rate Cortex XDR a nine out of ten. It is pretty good. The reason for giving a nine is that there is always room for improvement.
Which deployment model are you using for this solution?
Private Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
Network Designer at a computer software company with 1,001-5,000 employees
Easy to set up with excellent trend analytics and isolation feature
Pros and Cons
- "The initial setup is pretty easy."
- "There are a lot of lead solutions in this space, however, Palo Alto is number one."
- "In reporting they should have a customizable dashboard due to the fact that C-level people don't like reporting to the IT department. They prefer to have a real-time dashboard. That kind of dashboard needs to have various customizations."
- "The solution should enhance the ADR and reporting."
What is our primary use case?
We primarily use the product as endpoint security which we have deployed on all servers and locations. This is not limited to the endpoint, however, as it has further integration with the firewalls and email solutions. Therefore, it can give us quick visibility in case there is any malicious or suspicious activity happening.
What is most valuable?
The solution offers very high performance.
The solution has analytics that watch patterns and trends. If there is a change in user behavior or communication, it has the ability to track that.
The solution has a very helpful isolation feature. If any system gets compromised, with one click I can access the system and isolate it from other networks, and then go into further forensic investigation of the current threat without compromising anything else.
There are a lot of lead solutions in this space, however, Palo Alto is number one.
The initial setup is pretty easy.
What needs improvement?
The solution should enhance the ADR and reporting. As of right now, they are giving reports, which are okay, however, there are other ways to get better reporting. That is an area I have already requested that Palo Alto work on.
In reporting they should have a customizable dashboard due to the fact that C-level people don't like reporting to the IT department. They prefer to have a real-time dashboard. That kind of dashboard needs to have various customizations.
They should extend the solution for URL filtering, as other endpoint security products are doing that already. Nowadays, users are working from home and therefore we have plenty of traffic back through the data center just for URL filtering security. If that functionality could be there in the endpoint, then we would be happy. It would ensure users working from home couldn't access malicious websites.
For how long have I used the solution?
We've been using the solution for one year. Before that, we were using Palo Alto Trap.
What do I think about the stability of the solution?
The solution is very stable. I pretty much depend on product stability. Over the last six months, we have been able to see that Palo Alto is more stable than most. There is no such issue in that regard.
This is a very stable product, whether it is running on a database or email system or on any platform. It works perfectly fine.
What do I think about the scalability of the solution?
The solution is very scalable. This is due to the fact that it is being managed through the cloud making it easy to deploy to a thousand endpoints. There is no issue at all. As long as there's enough space for the solution to expand, it can grow out to any size you need.
How are customer service and technical support?
Technical support from Palo Alto is perfect. However, we have first-level support from a third-party. They sometimes take time to respond, which is not ideal. That said, when we get aligned with the tech support from Palo Alto, that really works well. Their level one support is with other vendors, and level two and level three support is with Palo Alto. That's how they are set up. They deal with bigger issues.
Overall, we've been pretty satisfied with technical support.
Which solution did I use previously and why did I switch?
We're service providers. We offer a variety of solutions to our clients, including Palo Alto, Cisco, Microsoft, and McAfee, depending on their needs. We don't just use or recommend one particular endpoint protection product.
About a year back I implemented Cisco and Palo Alto for our customer. Cisco AMP is also a good solution while it is running with the grid, however, I have not been involved with using it for three years.
In routing and switching, Cisco is good. However, Cisco AMP, which is an endpoint security, requires you to work with many other AMP solutions from Cisco.
My first preference would be Palo Alto and my second preference would be Cisco AMP.
How was the initial setup?
The initial setup is not complex at all. It is very straightforward and very easy to implement. I implemented it for 1000 or so users, and it took only about one month to execute. Even when we were in a pandemic situation where users were at home, we did it that quickly. It is very easy to deploy.
What's my experience with pricing, setup cost, and licensing?
The pricing is actually very reasonable. Palo Alto is very invested in some commercial endeavors and they have simplified their license. A team license can be used on-cloud, or on-prem. We have not faced segregation on any technologies, so a simple license gets any user anywhere without limitations. It is easy to increase the license as it's a cloud service. You just speak to your account manager and they can increase the licenses for you.
What other advice do I have?
While we deal with the cloud deployment model, we've also often used the on-premises deployment.
I'd advise other companies to use the solution. It really is the best one out there.
Overall, I'd rate the solution nine out of ten. The reporting is a bit weak, and it's my understanding they are working on that. However, performance-wise and security-wise, this is the best product.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Assistant Superintendent at an educational organization with 51-200 employees
Straightforward to set up and the support is highly-rated
Pros and Cons
- "The interface is easy to use and it is more up to date than our previous solution."
- "We think that this product will help us grow, as it meets our needs currently and we can grow with it over time."
- "Although I would say this product is highly-rated, it could probably do more because nothing does everything that you want."
What is our primary use case?
This product is part of a package that makes up our security solution.
What is most valuable?
The interface is easy to use and it is more up to date than our previous solution.
What needs improvement?
Although I would say this product is highly-rated, it could probably do more because nothing does everything that you want.
For how long have I used the solution?
We have been using this product for about four months.
What do I think about the scalability of the solution?
We think that this product will help us grow. We think that it meets our needs currently, and we can grow with it over time. There are 12 people in the IT department who currently manage it.
How are customer service and technical support?
The support is excellent. We had a couple of issues that we had to call for and I would say that they are highly rated.
Which solution did I use previously and why did I switch?
Our older solution was from Fortinet. It was out of date and more difficult to use. The IT staff say that the Palo Alto product is better.
How was the initial setup?
The initial setup was straightforward.
What about the implementation team?
We worked with a reseller. They came in, we told them what we wanted to do and they set it up to our spec. The person who came in and helped support us was highly skilled and it worked seamlessly.
What's my experience with pricing, setup cost, and licensing?
We pay about $50,000 USD per year for a bundle that includes Cortex XDR.
Which other solutions did I evaluate?
We evaluated Palo Alto and Trend Micro, and we opted for the Palo Alto Cortex XDR.
What other advice do I have?
I don't use this product on a daily basis but we like what we have so far and I would definitely recommend it to other users.
My advice is to make sure that you have a good implementor and that the reseller you're purchasing from gives you a highly-qualified engineer.
Overall, we are happy with this product but that said, nothing does everything that you want.
I would rate this solution a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
This is a recommended solution for total end-to-end protection
Pros and Cons
- "Being a cloud solution it is very flexible in serving internal and external connections and a broad range of devices."
- "Cortex is a very good total solution on the endpoints."
- "The connection to the internet has not performed as expected."
- "As an improvement, I would like to see enhanced connection speeds."
What is our primary use case?
We are still in the testing stages so there is not currently any primary use case beyond the base use of endpoint protection.
What is most valuable?
Cortex has several good features that I am interested in. There is a nice Sandbox function that is very strong, there is the Traps (endpoint protection) solution, the real-time filtering of suspect linkages is good, and the automatic blocking of suspect behavior is always active and protecting the network.
What needs improvement?
As an improvement, I would like to see enhanced connection speeds. On China's side, we need to set up a local server for the definition updates, and the performance has not been very good for the company when directly connected to the internet. We are a little disappointed with that.
For how long have I used the solution?
We have been using Cortex XDR (Extended Detection and Response) for around two months.
What do I think about the stability of the solution?
It is stable. From the moment we installed it has been up with no restarts or maintenance until now.
What do I think about the scalability of the solution?
I think that this product is scalable. The testing environment we use right now has around 200 users. In the future, when we deploy it to the company we will move up to around 4,000 users.
How are customer service and technical support?
The technical support is okay. They have already helped us to fix the installation and then we had an issue and they were available for correction of the problem. They also have made some useful suggestions. So the support team is okay in my estimation.
Which solution did I use previously and why did I switch?
We have been exploring a similar solution. Right now I am also doing testing on Sentinel at the center. This is a similar solution. But we have only just begun testing Sentinel, so we do not really have enough experience with it to comment on the product.
How was the initial setup?
As we just started with Cortex and we are using a cloud solution, I do not have the impression that it was difficult to install and begin using.
What's my experience with pricing, setup cost, and licensing?
The setup costs are a bit higher than some other solutions. Overall it is a little bit expensive, I think. If we could get it for around a 10% discount then that would be a better price point for us.
For our pricing plan, we are not on a subscription, so we do not have to pay every month. We have a yearly license for the product.
The approximate amount we pay per license is around $80 per user per year.
What other advice do I have?
My suggestion for people considering this product is that Cortex is a very good total solution on the endpoints. Because I needed Cortex to work for external and internal users and devices, it helps that it is cloud-based because it is good for working in the office or other locations. So we wanted to have the total end-to-end protection including on the mobile devices, that is what we got. This product will be a good suggestion for people who need the same capability.
On a scale from one to ten where one is the worst and ten is the best, I would rate Cortex XDR as around nine-out-of-ten. The cost is the reason it would not be higher. Nine is good but this is a very good product except for the cost.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Senior Consultant Cybersecurity at a consultancy with 10,001+ employees
An antivirus that provides EDR and XDR, but it is expensive
Pros and Cons
- "The solution's most valuable feature is the user interface."
- "The solution lags to the real-time scenarios here and there."
What is our primary use case?
Cortex XDR by Palo Alto Networks is an antivirus tool that provides EDR and XDR.
What is most valuable?
The solution's most valuable feature is the user interface. I've used other solutions like Cylance and CrowdStrike, but Cortex XDR stands out from all the products. It has also moved to XSIAM. Cortex XDR introduced it long ago, while other tools are implementing it now.
What needs improvement?
The solution lags to the real-time scenarios here and there.
For how long have I used the solution?
I have been using Cortex XDR by Palo Alto Networks for five years.
What do I think about the stability of the solution?
The solution would have bugs, but we get support 24/7 to deal with them.
What do I think about the scalability of the solution?
Cortex XDR by Palo Alto Networks is a scalable solution.
How was the initial setup?
The solution’s initial setup is easy.
What's my experience with pricing, setup cost, and licensing?
Cortex XDR by Palo Alto Networks is an expensive solution.
What other advice do I have?
Cortex XDR by Palo Alto Networks is a cloud-based solution. I would recommend the solution to other users if they can afford it. Cortex XDR by Palo Alto Networks is worth the money. It is easy for a beginner to learn to use the solution for the first time.
Overall, I rate the solution a seven out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Business Development Manager For Palo Alto Networks at a tech services company with 1,001-5,000 employees
Has a simple setup process and efficient stability
Pros and Cons
- "The product's most valuable features are massive user and feature intelligence exploit detection."
- "It is an enterprise-level solution. Its price could be less expensive."
What is our primary use case?
We use the product as a detection and response application.
What is most valuable?
The product's most valuable features are massive user and feature intelligence exploit detection. It is very useful in detecting threats to databases. The last meter statistics prove the efficient capabilities of the solution.
What needs improvement?
It is an enterprise-level solution. Its price could be less expensive.
For how long have I used the solution?
We have been using Cortex XDR by Palo Alto Networks for three years.
What do I think about the stability of the solution?
The product is 100% stable. I have never received any complaints from the customers.
What do I think about the scalability of the solution?
Cortex XDR by Palo Alto Networks is easily scalable as it is a cloud-based product.
How are customer service and support?
We provide support services for our customers. Palo Alto's support services are expensive, and customers also encounter language barriers.
How was the initial setup?
The initial process is simple. It requires training of about three to four days to understand the installation process. It is deployed on the cloud. The number of software engineers required depends on the number of the endpoints.
What's my experience with pricing, setup cost, and licensing?
We pay in advance for the product's license. It has reasonable pricing for the use cases it provides to the company. We can split this payment monthly, quarterly, or yearly, according to the customer's requirements. For a cost-benefit analysis when choosing a security solution, consider factors such as the number of attacks prevented, the impact of those attacks, potential losses, and other hidden costs.
What other advice do I have?
I rate Cortex XDR by Palo Alto Networks ten out of ten. It could be improved from a commercial perspective. It could approach the SMB market as well.
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller
Head Of Sales at Cascade Solutions
A stable solution for security with good support
Pros and Cons
- "The tool's use cases are relevant to security."
- "The tool needs to be improved in terms of integration and interface."
What is our primary use case?
The tool's use cases are relevant to security.
What needs improvement?
The tool needs to be improved in terms of integration and interface.
For how long have I used the solution?
I have been working with the solution for five years.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
I would rate the product's scalability a nine out of ten.
How are customer service and support?
The product's technical support is good.
How would you rate customer service and support?
Positive
How was the initial setup?
The tool's setup is easy. The solution's deployment took five days to complete.
What's my experience with pricing, setup cost, and licensing?
The solution is expensive. Its pricing is on a yearly basis.
What other advice do I have?
I would rate the tool a seven out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer. Reseller