Try our new research platform with insights from 80,000+ expert users
reviewer1232895 - PeerSpot reviewer
Commercial Director at a security firm with 11-50 employees
Reseller
Top 10
An overall satisfactory solution, but its pricing and technical support could be improved
Pros and Cons
  • "I am satisfied with the product overall."
  • "The solution’s price and technical support could be improved."

What is most valuable?

I am satisfied with the product overall.

What needs improvement?

The solution’s price and technical support could be improved.

What other advice do I have?

I would recommend Palo Alto Networks Cortex XSOAR for bigger businesses.

It is the kind of product I would recommend for clients who know what they want to achieve. They can put the potential tools to the test or POCs and verify the checkpoints of their needs before using the product. Palo Alto Networks Cortex XSOAR is not an out-of-the-box kind of product.

Overall, I rate the solution a seven out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
PeerSpot user
Sales engineer at MUK
Reseller
Modern with a straightforward setup and lots of integrations
Pros and Cons
  • "They have a portal where you can find any kind of integration that you need."
  • "It's only one cloud right now. It might be helpful for some companies to have an on-premies option."

What is our primary use case?

XSOAR is the cherry on top of Cortex XDR. It provides you with the ability to make a lot of response actions to your incidents. Cortex XDR is collecting an incident, and Cortex XSOAR is providing you the ability to remediate it.

When the customers need the ability to remediate incidents, for example, antivirus or network security issues, some SIEM solution, et cetera, yet need to integrate everything, they can use the power of the platform without needing different solutions. Cortex XSOAR will give you the ability to integrate

For example, if some endpoint was infected in your infrastructure, you need to do something about that. XSOAR provides you the ability to understand how that endpoint was infected and to do something with that. 

Cortex XSOAR will go to the firewall and block the IP address of this endpoint. Cortex XSOAR will go to the domain and disable the user as well. Then it will go to some other solution and will do something there. It is a variety of actions based on the incidents. 

What is most valuable?

It is pretty modern. 

It has a lot of integrations. They have a portal where you can find any kind of integration that you need. The ability to integrate with third-party vendors and solutions is great. 

They have a big amount of playbooks. These are a set of actions that you need to perform based on some exact incident. For example, if you find malware, you will need to block an endpoint. If you find a botnet that is connecting to your infrastructure, you will need to block this botnet on the firewall. This set of playbooks that XSOAR already has inside it is really huge, and it is also great for a lot of informational security or managers and engineers that can just choose what they need and not have to create anything from the scratch.

The initial setup is straightforward. 

What needs improvement?

Nothing needs to be changed. It is a part of Cortex inside Palo Alto Networks. If you want to get all the benefits, you will need the Cortex XDR, then you will need to get Cortex XSOAR. It's like a brother and sister, and they will give you a lot of benefits if you integrate them. 

It's only one cloud right now. It might be helpful for some companies to have an on-premies option. 

For how long have I used the solution?

I've been using the solution for a few months. It hasn't really been that long. 

What do I think about the stability of the solution?

As a cloud, it is really stable. All that you need to do is to provide a stable internet connection. That's all. Even without the internet connection, it still works, however, without the heart of the system, which is based in the cloud.

What do I think about the scalability of the solution?

The solution is scalable. You have the ability to start from a small number of agents and go to any number of agents. Likely, small businesses will not need such a solution, however, if they will need it, and they need to grow, it can scale really well for them - so long as they have the money.

How are customer service and support?

You get the same support you would get from Palo Alto Networks. It's the same support portal. You get really quick answers and nice instructions. The best practices they share with us are great.

How was the initial setup?

The solution is on the cloud. You just have an agent on-premises, and all of the brains are in the cloud.

It is really straightforward, as it is a cloud deployment. You just need an agent, therefore, the basic deployment will be really straightforward, and it will take only maybe one hour or two. If you have thousands of endpoints, maybe it will take more time. That said, it is really is straightforward.

What's my experience with pricing, setup cost, and licensing?

I can't speak to the exact cost of the solution. 

What other advice do I have?

I'd recommend the solution.

I would rate it ten out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer:
PeerSpot user
Buyer's Guide
Palo Alto Networks Cortex XSOAR
December 2024
Learn what your peers think about Palo Alto Networks Cortex XSOAR. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Nicolo Corrado - PeerSpot reviewer
Consulente immobiliare at Libero
Real User
I have no complaints about the stability
Pros and Cons
  • "I have no complaints about Cortex's stability."

    What is our primary use case?

    I'm using Cortex XSOAR to manage our network security.

    For how long have I used the solution?

    I've been using Cortex XSOAR for about one year.

    What do I think about the stability of the solution?

    I have no complaints about Cortex's stability.

    What do I think about the scalability of the solution?

    As far as I know, Cortex XSOAR's scalability is okay. I'm just a user, so I don't know.

    How was the initial setup?

    Setting up Cortex is straightforward. This use case is the easiest to implement. I had help from two or three technicians.

    What other advice do I have?

    I rate Palo Alto Networks Cortex XSOAR eight out of 10. I would recommend it to others.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    reviewer1446645 - PeerSpot reviewer
    Network and Information Security at a tech services company with 10,001+ employees
    Real User
    Top 20
    Highly scalable solution
    Pros and Cons
    • "It is quite scalable. I would rate it a ten out of ten."
    • "The dashboard performance could be improved."

    What is our primary use case?

    I work for a company, and we provide support and complete end-to-end management of the product for our customers who hold the product.

    How has it helped my organization?

    Over thirty users are currently using Palo Alto Networks Cortex XSOAR in your organization. The role is inclusive, like administrator and engineer.

    What is most valuable?

    According to Gartner, it's a leader in NID. Customers are investing more in it, and that's why we are using the product.

    What needs improvement?

    The dashboard performance could be improved.

    Another area of improvement is a support team. Moreover, we need to pay for modifying anything with scripting in terms of customization. It can be a challenge if the person isn't 100% good with scripting.

    For how long have I used the solution?

    I have been using this solution for around four years and currently use the latest version.

    What do I think about the stability of the solution?

    It is a stable solution. I would rate it a nine out of ten.

    What do I think about the scalability of the solution?

    It is quite scalable. I would rate it a ten out of ten.

    How are customer service and support?

    Customer support could be better.

    How would you rate customer service and support?

    Neutral

    How was the initial setup?

    For maintenance, two or three engineers are involved.

    What's my experience with pricing, setup cost, and licensing?

    We use the yearly subscription.

    What other advice do I have?

    Overall, I rate the solution a nine out of ten.

    Which deployment model are you using for this solution?

    Private Cloud

    If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

    Google
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    reviewer1520922 - PeerSpot reviewer
    Regional Director, Customer Success (GTM Solutions & Services) at a tech services company with 51-200 employees
    MSP
    Easy to set up with good technical support and good stability
    Pros and Cons
    • "The pricing is very good."
    • "The user interface could be a bit better."

    What is our primary use case?

    We primarily use the solution for automation and the orchestration of security.

    What is most valuable?

    We've only just installed the solution and need time to explore its functionality and capabilities. So far, we haven't experienced any issues.

    The stability has been good overall.

    The initial implementation wasn't overly complex. It was easy.

    The pricing is very good.

    Technical support is helpful and responsive.

    What needs improvement?

    Although we haven't used the solution for too long, we haven't come across any issues and haven't noticed any features that are lacking. We're largely satisfied with the offering. 

    The user interface could be a bit better. It's the only aspect I've noticed that could possibly be improved. 

    Other than that, we've been pretty happy with it.

    For how long have I used the solution?

    We've just implemented the solution. We've only been using it for a few weeks. It hasn't been too long just yet.

    What do I think about the stability of the solution?

    So far, we have found the stability to be very reliable. There are no bugs or glitches. It doesn't crash or freeze. The performance, in the few weeks we've used it, has been good.

    How are customer service and technical support?

    Technical support has been helpful so far. They are knowledgeable and responsive and we've been very satisfied with their level of support.

    How was the initial setup?

    The installation was very straightforward. It only took about a day. Not even that long. The deployment was fast. A company shouldn't have run into any issues with the initial setup.

    What about the implementation team?

    I was able to handle the implementation myself. I did not need the assistance of an integrator or consultant.

    What's my experience with pricing, setup cost, and licensing?

    We've found the pricing to be very reasonable. It's not particularly expensive.

    The customers do not have to pay for licensing; we deliver it for free.

    What other advice do I have?

    We have the solution integrated into our QRadar.

    In the time we've used it, from what I've experienced, I'd rate the product at an eight out of ten. We've had a very positive experience.

    I would recommend the solution to other companies.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Implementer
    PeerSpot user
    CyberSecurity Consultant at Information Technology Solutions- ITS
    Real User
    Top 20
    User-friendly solution with good stability
    Pros and Cons
    • "It is a scalable solution."
    • "Its dashboard features need improvement."

    What is most valuable?

    The solution is user-friendly and provides integration with multiple products.

    What needs improvement?

    The solution's features for reporting and dashboards need improvement. They need more customization options.

    For how long have I used the solution?

    We have been using the solution for two years.

    What do I think about the stability of the solution?

    The solution is stable. I rate its stability a nine out of ten.

    What do I think about the scalability of the solution?

    It is a scalable solution. I rate its scalability an eight out of ten.

    How was the initial setup?

    The solution's initial setup process with proxy environments is complicated. It takes an hour to two complete.

    I rate the process a seven out of ten.

    What's my experience with pricing, setup cost, and licensing?

    The solution's cost is high. I rate its pricing a nine out of ten.

    What other advice do I have?

    I rate the solution a nine out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    None at Invecto
    Real User
    Top 20
    A scalable and stable product that has artificial intelligence and machine learning capabilities
    Pros and Cons
    • "The solution provides threat intelligence with EDR."
    • "The solution should be made a bit cheaper."

    What is our primary use case?

    The product can be used for securing endpoints from various types of attacks, threat incidents, and malware attacks.

    What is most valuable?

    NGFW and Cortex are the best features of the product. The solution provides threat intelligence with EDR. The most interesting part is that the product uses artificial intelligence and machine learning capabilities.

    What needs improvement?

    The solution should be made a bit cheaper.

    For how long have I used the solution?

    I have been using the solution for six months.

    What do I think about the stability of the solution?

    The solution is quite stable.

    What do I think about the scalability of the solution?

    The product is scalable. It can integrate with a lot of products.

    How are customer service and support?

    Support is good.

    How was the initial setup?

    The initial setup is straightforward.

    What about the implementation team?

    With the right skillsets, the deployment is quite easy and does not take a lot of time. You can do the deployment manually or push it through your Active Directory.

    What other advice do I have?

    I would definitely recommend the product to others. Overall, I rate the product a nine out of ten.

    Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
    PeerSpot user
    reviewer1367535 - PeerSpot reviewer
    Security Professional at a tech services company with 51-200 employees
    Real User
    Great scalability for medium size organizations, diverse automation opportunities, and professional technical support
    Pros and Cons
    • "The most valuable feature is automation."
    • "I think they should increase their collaboration base."

    What is our primary use case?

    Our primary case issues are phishing, TI, and sensors.

    What is most valuable?

    The most valuable feature is automation. There is a huge variety of automation that can help any team and there is a threat model.

    What needs improvement?

    I think they should increase their collaboration base so that XSOAR can be utilized for any number of automation.

    For how long have I used the solution?

    I have been using Palo Alto Networks Cortex XSOAR for the past two years.

    What do I think about the stability of the solution?

    Stability takes around three to six months to achieve complete stability in the environment.

    What do I think about the scalability of the solution?

    The existing model is good, but if we go for big deployments, I think there are a few challenges in scalability. They use their internal BoltDB, which is good for a medium organization, but for large organizations, they support Elasticsearch, which is too costly. The DR capabilities are not good.

    How are customer service and support?

    Technical support is professional, but they are not very friendly. The overall remote support is not where it should be.

    How would you rate customer service and support?

    Neutral

    How was the initial setup?

    Palo Alto Networks Cortex XSOAR has a straightforward setup. Stability takes three months to six months, and then further stability, performance, and then complete utilization. Usually, it takes around a year to deploy it fully.

    What about the implementation team?

    Normally, we use a third-party team to help us with the deployment.

    What other advice do I have?

    I would rate Palo Alto Networks Cortex XSOAR an eight out of ten.

    Which deployment model are you using for this solution?

    On-premises
    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    PeerSpot user
    Buyer's Guide
    Download our free Palo Alto Networks Cortex XSOAR Report and get advice and tips from experienced pros sharing their opinions.
    Updated: December 2024
    Buyer's Guide
    Download our free Palo Alto Networks Cortex XSOAR Report and get advice and tips from experienced pros sharing their opinions.