Security Operations Center Analyst (L2) at Thales
An easy-to-setup solution with good technical support services
Pros and Cons
- "It is a scalable solution."
- "They should provide integration with machine learning platforms."
What is our primary use case?
We use the solution for incident orchestration.
How has it helped my organization?
The solution helps us with incident analysis.
What is most valuable?
The solution has the best processing and incident analysis features.
What needs improvement?
The solution's price could be better. Also, they should provide integration with machine learning and artificial intelligence platforms.
Buyer's Guide
Palo Alto Networks Cortex XSOAR
December 2024
Learn what your peers think about Palo Alto Networks Cortex XSOAR. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
For how long have I used the solution?
We have been using the solution for seven months.
What do I think about the stability of the solution?
I rate the solution's stability an eight out of ten.
What do I think about the scalability of the solution?
I rate the solution's scalability a ten out of ten.
How are customer service and support?
The solution's technical support team is good.
How would you rate customer service and support?
Positive
How was the initial setup?
The solution's initial setup process is easy. We implement it on the cloud and on premises.
What was our ROI?
The solution generates a good return on investment.
What's my experience with pricing, setup cost, and licensing?
The solution's pricing needs improvement.
What other advice do I have?
I recommend the solution to others and rate it a ten out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Intern Cybersecurity at a computer software company with 10,001+ employees
The drag-and-drop interface enables analysts with no programming knowledge to create playbooks easily
Pros and Cons
- "The drag-and-drop interface enables analysts with no programming knowledge to create playbooks easily."
- "XSOAR could have more integration options."
What is our primary use case?
I'm currently evaluating XSOAR to see what the solution can do. I'm playing around with the various features.
What is most valuable?
The drag-and-drop interface enables analysts with no programming knowledge to create playbooks easily.
What needs improvement?
XSOAR could have more integration options.
For how long have I used the solution?
I have used XSOAR for two months.
What do I think about the stability of the solution?
XSOAR is stable.
How was the initial setup?
Setting up XSOAR is straightforward and takes about 30 minutes. It doesn't require any special technology to implement it in any architecture. You create a virtual machine, move the file to it, launch the installer, and let it run. It doesn't require any complex tasks.
What other advice do I have?
I rate Palo Alto Networks Cortex XSOAR nine out of 10.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Business Development Manager at a tech services company with 11-50 employees
Comprehensive network and highly scalable solution
Pros and Cons
- "It is a scalable solution. I would rate scalability a ten out of ten."
- "There is room for improvement in terms of the pricing model."
What is our primary use case?
Our clients use it in our managed service platform, in our cloud. We also provide solutions to our clients on Service Cloud and XDR.
What is most valuable?
The advanced security capabilities and the automation available with the solution are the most valuable aspects of the solution. Moreover, the scalability and ease of management are additional benefits.
What needs improvement?
There is room for improvement in terms of the pricing model.
For how long have I used the solution?
We've been selling and working with it for eight years.
What do I think about the stability of the solution?
It is a stable solution. I would rate stability a ten out of ten.
What do I think about the scalability of the solution?
It is a scalable solution. I would rate scalability a ten out of ten. Our clients are enterprise businesses.
How are customer service and support?
The customer support is good.
How would you rate customer service and support?
Positive
How was the initial setup?
Since we handled the installation ourselves in our environment, it's really easy for us to install.
It may not be the easiest installation, especially when configuring agents with specific functionalities. But the initial setup is relatively easy. Maintenance is ongoing. It's always required to ensure the system runs smoothly.
What about the implementation team?
The deployment process really depends on the client. It varies based on the complexity of the deployment. Each time is different. It could take anywhere from a few days to a week.
We probably have around six people involved in the process. When it comes to setup, it's all about proper planning and understanding the client's specific needs and requirements for the service.
What's my experience with pricing, setup cost, and licensing?
I would rate pricing a seven out of ten, where one is a low price, and ten is a high price. We use the annual subscription. There are no additional costs.
What other advice do I have?
I would advise them to explore the extensive features it offers in terms of organization and remediation. It's important to consider its seamless integration with other platforms and the wide range of services and products provided by the company.
Overall, I would rate the solution a nine out of ten because the product offers a comprehensive network and cloud solution. We can provide clients with a complete end-to-end solution through a single vendor.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
IT Operations Deputy Manager at Ultramar Agencia Marítima
Helpful remote control capabilities, scalable, and simple deployment
Pros and Cons
- "The most valuable features of Palo Alto Networks Cortex XSOAR are the remote controller from the workstation that can execute commands and isolate the systems outside of the network. Only the system with an internet connection can execute the task because the main console is in the cloud."
- "Palo Alto Networks Cortex XSOAR could improve the look, feel, and management of the cloud console. Additionally, the user could be more easily integrated."
What is our primary use case?
My primary use for Palo Alto Networks Cortex XSOAR is to protect the workstation for the end-users.
What is most valuable?
The most valuable features of Palo Alto Networks Cortex XSOAR are the remote controller from the workstation that can execute commands and isolate the systems outside of the network. Only the system with an internet connection can execute the task because the main console is in the cloud.
What needs improvement?
Palo Alto Networks Cortex XSOAR could improve the look, feel, and management of the cloud console. Additionally, the user could be more easily integrated.
For how long have I used the solution?
I have been using Palo Alto Networks Cortex XSOAR for two years.
What do I think about the scalability of the solution?
We have approximately 1,000 users using Palo Alto Networks Cortex XSOAR in our organization. The solution is scalable.
How was the initial setup?
We only require one or two staff to deploy the agent of Palo Alto Networks Cortex XSOAR because it is very simple. One for the server and the other for the workstation.
What's my experience with pricing, setup cost, and licensing?
The price of Palo Alto Networks Cortex XSOAR could be reduced. We are always looking for a discount. There is an annual license needed to use this solution.
What other advice do I have?
I rate Palo Alto Networks Cortex XSOAR a ten out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
A great scalable tool that provides functionalities related to patching and URL blocking
Pros and Cons
- "The strengths of Palo Alto Networks Cortex XSOAR stem from the fact that it provides functionalities related to patching and URL blocking...It is a scalable solution."
- "With Palo Alto Networks Cortex XSOAR, managing its setup phase can be a complicated task."
What is most valuable?
The strengths of Palo Alto Networks Cortex XSOAR stem from the fact that it provides functionalities related to patching and URL blocking, and its strengths are the major reason why I recommend the product to others.
What needs improvement?
With Palo Alto Networks Cortex XSOAR, managing its setup phase can be a complicated task. The aforementioned aspects of the solution can be considered for improvement. In the future, I need the product to provide me with the ability to manage its base.
In the future, I want Palo Alto Networks Cortex XSOAR to provide me with an option that allows me to do an automatic setup process. I also want Palo Alto Networks Cortex XSOAR to plan a way to minimize the need for too many configuration processes in an architecture. I feel that currently, the setup process of the product is really hard.
For how long have I used the solution?
I have experience with Palo Alto Networks Cortex XSOAR. My company has a partnership with Palo Alto Networks.
What do I think about the stability of the solution?
We don't face any issues with Palo Alto Networks Cortex XSOAR in our company right now. Certain issues only crop up with the firewall devices from Palo Alto Networks.
What do I think about the scalability of the solution?
It is a scalable solution.
How are customer service and support?
I rate the technical support a nine out of ten.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I only handle Palo Alto Networks.
How was the initial setup?
I did not manage the initial setup of the product, as it was taken care of by a product specialist.
Which other solutions did I evaluate?
I am more comfortable with Palo Alto Networks compared to its competitors.
What other advice do I have?
I can say that I am a bit satisfied with Palo Alto Networks Cortex XSOAR. I manage the product's setup phase, so I am getting familiarized with it.
I can only recommend Palo Alto Networks Cortex XSOAR after I personally complete the setup phase of the product in our environment. In general, after I complete the setup process of Palo Alto Networks Cortex XSOAR in my company, I will recommend it to others.
I rate the overall tool an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Hybrid Cyber Security Team Lead at Dndx CyberSecurity
Easy to use and scalable
Pros and Cons
- "Palo Alto is easy to use."
- "The dashboard could be better."
What is our primary use case?
The solution is used for security.
What is most valuable?
Palo Alto is easy to use.
What needs improvement?
The dashboard could be better.
For how long have I used the solution?
I have used Palo Alto Networks Cortex for six months.
What do I think about the stability of the solution?
There are issues with stability as it was giving false positives and has bugs. I rate the stability a seven out of ten.
What do I think about the scalability of the solution?
It is a scalable solution. There are two hundred users using the solution at present. I rate the scalability an eight out of ten.
What about the implementation team?
The solution was deployed by analysts.
What other advice do I have?
I rate the overall solution an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer:
Deputy Vice President at a financial services firm with 10,001+ employees
Difficult to set up, doesn't have integrations, and the solution has been decommissioned
Pros and Cons
- "It was useful as a ticketing tool."
- "It has been decommissioned by Palo Alto."
What is our primary use case?
It is a help desk ticketing tool. It's a SOAR platform; however, it is just a help desk ticketing tool.
What is most valuable?
It was useful as a ticketing tool. However, it's been discontinued.
What needs improvement?
It doesn't have any integrations. It lacks multiple integrations.
It has been decommissioned by Palo Alto. There's no more trying to support it. There will be no more additional items added.
The initial setup was complex.
For how long have I used the solution?
I've been using the solution for a year or more.
What do I think about the stability of the solution?
The stability is not there.
What do I think about the scalability of the solution?
I'm not sure how scalable the solution is.
How are customer service and support?
I can't speak to technical support's capabilities. I don't have much experience with them.
How was the initial setup?
The setup has a bit of complexity. I'd rate the complexity five out of five.
I'm not sure how long the deployment took.
What other advice do I have?
We were a reseller.
I'm not sure which version of the solution we're using. It might be behind a version or two. Demisto has been purchased by Palo Alto. There's a difference in versions between the organizations. The latest version is not defined by the organization.
Potential users should not purchase this product. They decommissioned the product, and it is now at end of life.
I'd rate the solution three out of ten. It was sold to another company and decommissioned.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Business Development Manager at a tech services company with 51-200 employees
Has good stability and an easy initial setup process
Pros and Cons
- "The solution is easy to deploy."
- "The solution's technical support could be better."
What is our primary use case?
We use the solution to create playbooks for all the operational programs.
What needs improvement?
The solution's integration with non-security solutions will be helpful.
For how long have I used the solution?
We have been using the solution for almost two years now.
What do I think about the stability of the solution?
The solution is stable. I rate its stability an eight.
What do I think about the scalability of the solution?
I rate the solution's scalability as an eight. It is complex to scale.
How are customer service and support?
The solution's technical support team takes longer to reply to the queries.
How would you rate customer service and support?
Neutral
How was the initial setup?
The solution's initial setup process is straightforward.
What's my experience with pricing, setup cost, and licensing?
The solution's cost is reasonable. I rate its pricing as a five.
What other advice do I have?
I rate the solution an eight.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner