Sales engineer at MUK
Reseller
Modern with a straightforward setup and lots of integrations
Pros and Cons
  • "They have a portal where you can find any kind of integration that you need."
  • "It's only one cloud right now. It might be helpful for some companies to have an on-premises option."

What is our primary use case?

XSOAR is the cherry on top of Cortex XDR. It provides you with the ability to make a lot of response actions to your incidents. Cortex XDR is collecting an incident, and Cortex XSOAR is providing you the ability to remediate it.

When the customers need the ability to remediate incidents, for example, antivirus or network security issues, some SIEM solution, et cetera, yet need to integrate everything, they can use the power of the platform without needing different solutions. Cortex XSOAR will give you the ability to integrate

For example, if some endpoint was infected in your infrastructure, you need to do something about that. XSOAR provides you the ability to understand how that endpoint was infected and to do something with that. 

Cortex XSOAR will go to the firewall and block the IP address of this endpoint. Cortex XSOAR will go to the domain and disable the user as well. Then it will go to some other solution and will do something there. It is a variety of actions based on the incidents. 

What is most valuable?

It is pretty modern. 

It has a lot of integrations. They have a portal where you can find any kind of integration that you need. The ability to integrate with third-party vendors and solutions is great. 

They have a large number of playbooks. These are a set of actions that you need to perform based on some exact incident. For example, if you find malware, you will need to block an endpoint. If you find a botnet that is connecting to your infrastructure, you will need to block this botnet on the firewall. This set of playbooks that XSOAR already has inside it is really huge, and it is also great for a lot of informational security or managers and engineers that can just choose what they need and not have to create anything from scratch.

The initial setup is straightforward. 

What needs improvement?

Nothing needs to be changed. It is a part of Cortex inside Palo Alto Networks. If you want to get all the benefits, you will need the Cortex XDR, then you will need to get Cortex XSOAR. It's like a brother and sister, and they will give you a lot of benefits if you integrate them. 

It's only one cloud right now. It might be helpful for some companies to have an on-premises option.

For how long have I used the solution?

I've been using the solution for a few months. It hasn't really been that long. 

Buyer's Guide
Palo Alto Networks Cortex XSOAR
October 2024
Learn what your peers think about Palo Alto Networks Cortex XSOAR. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.

What do I think about the stability of the solution?

As a cloud, it is really stable. All that you need to do is to provide a stable internet connection. That's all. Even without the internet connection, it still works, however, without the heart of the system, which is based in the cloud.

What do I think about the scalability of the solution?

The solution is scalable. You have the ability to start from a small number of agents and go to any number of agents. Likely, small businesses will not need such a solution, however, if they will need it, and they need to grow, it can scale really well for them - so long as they have the money.

How are customer service and support?

You get the same support you would get from Palo Alto Networks. It's the same support portal. You get really quick answers and nice instructions. The best practices they share with us are great.

How was the initial setup?

The solution is on the cloud. You just have an agent on-premises, and all of the brains are in the cloud.

It is really straightforward, as it is a cloud deployment. You just need an agent, therefore, the basic deployment will be really straightforward, and it will take only maybe one hour or two. If you have thousands of endpoints, maybe it will take more time. That said, it really is straightforward.

What's my experience with pricing, setup cost, and licensing?

I can't speak to the exact cost of the solution. 

What other advice do I have?

I'd recommend the solution.

I would rate it ten out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
Nicolo Corrado - PeerSpot reviewer
Real estate consultant at Libero
Real User
I have no complaints about the stability
Pros and Cons
  • "I have no complaints about Cortex's stability."

    What is our primary use case?

    I'm using Cortex XSOAR to manage our network security.

    For how long have I used the solution?

    I've been using Cortex XSOAR for about one year.

    What do I think about the stability of the solution?

    I have no complaints about Cortex's stability.

    What do I think about the scalability of the solution?

    As far as I know, Cortex XSOAR's scalability is okay. I'm just a user, so I don't know.

    How was the initial setup?

    Setting up Cortex is straightforward. This use case is the easiest to implement. I had help from two or three technicians.

    What other advice do I have?

    I rate Palo Alto Networks Cortex XSOAR eight out of 10. I would recommend it to others.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Network and Information Security at a tech services company with 10,001+ employees
    Real User
    Top 20
    Highly scalable solution
    Pros and Cons
    • "It is quite scalable. I would rate it a ten out of ten."
    • "The dashboard performance could be improved."

    What is our primary use case?

    I work for a company, and we provide support and complete end-to-end management of the product for our customers who hold the product.

    How has it helped my organization?

    Over thirty users are currently using Palo Alto Networks Cortex XSOAR in your organization. The role is inclusive, like administrator and engineer.

    What is most valuable?

    According to Gartner, it's a leader in NID. Customers are investing more in it, and that's why we are using the product.

    What needs improvement?

    The dashboard performance could be improved.

    Another area of improvement is the support team. Moreover, we need to pay for modifying anything with scripting in terms of customization. It can be a challenge if the person isn't 100% good with scripting.

    For how long have I used the solution?

    I have been using this solution for around four years and currently use the latest version.

    What do I think about the stability of the solution?

    It is a stable solution. I would rate it a nine out of ten.

    What do I think about the scalability of the solution?

    It is quite scalable. I would rate it a ten out of ten.

    How are customer service and support?

    Customer support could be better.

    How would you rate customer service and support?

    Neutral

    How was the initial setup?

    For maintenance, two or three engineers are involved.

    What's my experience with pricing, setup cost, and licensing?

    We use the yearly subscription.

    What other advice do I have?

    Overall, I rate the solution a nine out of ten.

    Which deployment model are you using for this solution?

    Private Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Google
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Security Professional at a tech services company with 51-200 employees
    Real User
    Great scalability for medium size organizations, diverse automation opportunities, and professional technical support
    Pros and Cons
    • "The most valuable feature is automation."
    • "I think they should increase their collaboration base."

    What is our primary use case?

    Our primary case issues are phishing, TI, and sensors.

    What is most valuable?

    The most valuable feature is automation. There is a huge variety of automation that can help any team and there is a threat model.

    What needs improvement?

    I think they should increase their collaboration base so that XSOAR can be utilized for any number of automations.

    For how long have I used the solution?

    I have been using Palo Alto Networks Cortex XSOAR for the past two years.

    What do I think about the stability of the solution?

    Stability takes around three to six months to achieve complete stability in the environment.

    What do I think about the scalability of the solution?

    The existing model is good, but if we go for big deployments, I think there are a few challenges in scalability. They use their internal BoltDB, which is good for a medium organization, but for large organizations, they support Elasticsearch, which is too costly. The DR capabilities are not good.

    How are customer service and support?

    Technical support is professional, but they are not very friendly. The overall remote support is not where it should be.

    How would you rate customer service and support?

    Neutral

    How was the initial setup?

    Palo Alto Networks Cortex XSOAR has a straightforward setup. Stability takes three months to six months, and then further stability, performance, and then complete utilization. Usually, it takes around a year to deploy it fully.

    What about the implementation team?

    Normally, we use a third-party team to help us with the deployment.

    What other advice do I have?

    I would rate Palo Alto Networks Cortex XSOAR an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Regional Director, Customer Success (GTM Solutions & Services) at a tech services company with 51-200 employees
    MSP
    Easy to set up with good technical support and good stability
    Pros and Cons
    • "The pricing is very good."
    • "The user interface could be a bit better."

    What is our primary use case?

    We primarily use the solution for automation and the orchestration of security.

    What is most valuable?

    We've only just installed the solution and need time to explore its functionality and capabilities. So far, we haven't experienced any issues.

    The stability has been good overall.

    The initial implementation wasn't overly complex. It was easy.

    The pricing is very good.

    Technical support is helpful and responsive.

    What needs improvement?

    Although we haven't used the solution for too long, we haven't come across any issues and haven't noticed any features that are lacking. We're largely satisfied with the offering. 

    The user interface could be a bit better. It's the only aspect I've noticed that could possibly be improved. 

    Other than that, we've been pretty happy with it.

    For how long have I used the solution?

    We've just implemented the solution. We've only been using it for a few weeks. It hasn't been too long just yet.

    What do I think about the stability of the solution?

    So far, we have found the stability to be very reliable. There are no bugs or glitches. It doesn't crash or freeze. The performance, in the few weeks we've used it, has been good.

    How are customer service and technical support?

    Technical support has been helpful so far. They are knowledgeable and responsive and we've been very satisfied with their level of support.

    How was the initial setup?

    The installation was very straightforward. It only took about a day. Not even that long. The deployment was fast. A company shouldn't have run into any issues with the initial setup.

    What about the implementation team?

    I was able to handle the implementation myself. I did not need the assistance of an integrator or consultant.

    What's my experience with pricing, setup cost, and licensing?

    We've found the pricing to be very reasonable. It's not particularly expensive.

    The customers do not have to pay for licensing; we deliver it for free.

    What other advice do I have?

    We have the solution integrated into our QRadar.

    In the time we've used it, from what I've experienced, I'd rate the product at an eight out of ten. We've had a very positive experience.

    I would recommend the solution to other companies.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
    PeerSpot user
    CyberSecurity Consultant at Information Technology Solutions- ITS
    Real User
    Top 20
    User-friendly solution with good stability
    Pros and Cons
    • "It is a scalable solution."
    • "Its dashboard features need improvement."

    What is most valuable?

    The solution is user-friendly and provides integration with multiple products.

    What needs improvement?

    The solution's features for reporting and dashboards need improvement. They need more customization options.

    For how long have I used the solution?

    We have been using the solution for two years.

    What do I think about the stability of the solution?

    The solution is stable. I rate its stability a nine out of ten.

    What do I think about the scalability of the solution?

    It is a scalable solution. I rate its scalability an eight out of ten.

    How was the initial setup?

    The solution's initial setup process with proxy environments is complicated. It takes an hour to two to complete.

    I rate the process a seven out of ten.

    What's my experience with pricing, setup cost, and licensing?

    The solution's cost is high. I rate its pricing a nine out of ten.

    What other advice do I have?

    I rate the solution a nine out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    None at Invecto
    Real User
    Top 20
    A scalable and stable product that has artificial intelligence and machine learning capabilities
    Pros and Cons
    • "The solution provides threat intelligence with EDR."
    • "The solution should be made a bit cheaper."

    What is our primary use case?

    The product can be used for securing endpoints from various types of attacks, threat incidents, and malware attacks.

    What is most valuable?

    NGFW and Cortex are the best features of the product. The solution provides threat intelligence with EDR. The most interesting part is that the product uses artificial intelligence and machine learning capabilities.

    What needs improvement?

    The solution should be made a bit cheaper.

    For how long have I used the solution?

    I have been using the solution for six months.

    What do I think about the stability of the solution?

    The solution is quite stable.

    What do I think about the scalability of the solution?

    The product is scalable. It can integrate with a lot of products.

    How are customer service and support?

    Support is good.

    How was the initial setup?

    The initial setup is straightforward.

    What about the implementation team?

    With the right skillsets, the deployment is quite easy and does not take a lot of time. You can do the deployment manually or push it through your Active Directory.

    What other advice do I have?

    I would definitely recommend the product to others. Overall, I rate the product a nine out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    Cyber Security Analyst at a tech services company with 11-50 employees
    Reseller
    A scalable and easy-to-use tool that can be used for automation
    Pros and Cons
    • "The product is quite easy to use."
    • "We need a little hands-on experience to install the solution."

    What is our primary use case?

    Our customers use the product for automation.

    What is most valuable?

    It is a good tool for automation. The product is quite easy to use. It provides great integrations.

    What needs improvement?

    We need a little hands-on experience to install the solution. The installation process is technical.

    For how long have I used the solution?

    I have been working with the solution for six months.

    What do I think about the stability of the solution?

    The solution is quite stable. I rate the stability an eight out of ten. So far, the stability is okay.

    What do I think about the scalability of the solution?

    The product is scalable. I rate the scalability an eight out of ten. At a managed service level, the product can really scale well. So far, it’s good. Our clients are small, medium and enterprise businesses.

    How was the initial setup?

    We will need specific knowledge to install the product, depending on the use case.

    What about the implementation team?

    We need to maintain the solution from time to time, especially with the upgrades. One person is enough to maintain the product.

    What's my experience with pricing, setup cost, and licensing?

    The solution is a bit on the expensive side. I rate the pricing a seven out of ten.

    What other advice do I have?

    We are resellers and managed service providers of the product. The infrastructure is handled by someone else. I do the analysis. Overall, I rate the product an eight out of ten.

    Which deployment model are you using for this solution?

    Public Cloud
    Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
    PeerSpot user