Palo Alto Networks Cortex XSOAR Reviews

It is a help desk ticketing tool. It's a sought platform, however, it is just a help desk ticketing tool.

It was useful as a ticketing tool. However, it's been discontinued. 

It doesn't have any integrations. It lacks multiple integrations. 

It is been decommissioned by Palo Alto. There's no more trying to support it. There will be no more additional items added.

The initial setup was complex.

I've been using the solution for a year or more. 

The stability is not there. 

I'm not sure how scalable the solution is.

I can't speak to technical support's capabilities. I don't have much experience with them. 

The setup has a bit of complexity. I'd rate the complexity five out of five. 

I'm not sure how long the deployment took.

We were a reseller. 

I'm not sure which version of the solution we're using. It might be behind a version or two. Demisto has been purchased by Palo Alto. There's a difference in versions between the organizations. The latest version is not defined by the organization.

Potential users should not purchase this product. They decommissioned the product, and it is now at end of life. 

I'd rate the solution three out of ten. It was sold to another company and decommissioned. 

XSOAR is the cherry on top of Cortex XDR. It provides you with the ability to make a lot of response actions to your incidents. Cortex XDR is collecting an incident, and Cortex XSOAR is providing you the ability to remediate it.

When the customers need the ability to remediate incidents, for example, antivirus or network security issues, some SIEM solution, et cetera, yet need to integrate everything, they can use the power of the platform without needing different solutions. Cortex XSOAR will give you the ability to integrate

For example, if some endpoint was infected in your infrastructure, you need to do something about that. XSOAR provides you the ability to understand how that endpoint was infected and to do something with that. 

Cortex XSOAR will go to the firewall and block the IP address of this endpoint. Cortex XSOAR will go to the domain and disable the user as well. Then it will go to some other solution and will do something there. It is a variety of actions based on the incidents. 

It is pretty modern. 

It has a lot of integrations. They have a portal where you can find any kind of integration that you need. The ability to integrate with third-party vendors and solutions is great. 

They have a big amount of playbooks. These are a set of actions that you need to perform based on some exact incident. For example, if you find malware, you will need to block an endpoint. If you find a botnet that is connecting to your infrastructure, you will need to block this botnet on the firewall. This set of playbooks that XSOAR already has inside it is really huge, and it is also great for a lot of informational security or managers and engineers that can just choose what they need and not have to create anything from the scratch.

The initial setup is straightforward. 

Nothing needs to be changed. It is a part of Cortex inside Palo Alto Networks. If you want to get all the benefits, you will need the Cortex XDR, then you will need to get Cortex XSOAR. It's like a brother and sister, and they will give you a lot of benefits if you integrate them. 

It's only one cloud right now. It might be helpful for some companies to have an on-premies option. 

I've been using the solution for a few months. It hasn't really been that long. 

As a cloud, it is really stable. All that you need to do is to provide a stable internet connection. That's all. Even without the internet connection, it still works, however, without the heart of the system, which is based in the cloud.

The solution is scalable. You have the ability to start from a small number of agents and go to any number of agents. Likely, small businesses will not need such a solution, however, if they will need it, and they need to grow, it can scale really well for them - so long as they have the money.

You get the same support you would get from Palo Alto Networks. It's the same support portal. You get really quick answers and nice instructions. The best practices they share with us are great.

The solution is on the cloud. You just have an agent on-premises, and all of the brains are in the cloud.

It is really straightforward, as it is a cloud deployment. You just need an agent, therefore, the basic deployment will be really straightforward, and it will take only maybe one hour or two. If you have thousands of endpoints, maybe it will take more time. That said, it is really is straightforward.

I can't speak to the exact cost of the solution. 

I'd recommend the solution.

I would rate it ten out of ten.

I'm using Cortex XSOAR to manage our network security.

I've been using Cortex XSOAR for about one year.

I have no complaints about Cortex's stability.

As far as I know, Cortex XSOAR's scalability is okay. I'm just a user, so I don't know.

Setting up Cortex is straightforward. This use case is the easiest to implement. I had help from two or three technicians.

I rate Palo Alto Networks Cortex XSOAR eight out of 10. I would recommend it to others.

I am satisfied with the product overall.

The solution’s price and technical support could be improved.

I would recommend Palo Alto Networks Cortex XSOAR for bigger businesses.

It is the kind of product I would recommend for clients who know what they want to achieve. They can put the potential tools to the test or POCs and verify the checkpoints of their needs before using the product. Palo Alto Networks Cortex XSOAR is not an out-of-the-box kind of product.

Overall, I rate the solution a seven out of ten.

I work for a company, and we provide support and complete end-to-end management of the product for our customers who hold the product.

Over thirty users are currently using Palo Alto Networks Cortex XSOAR in your organization. The role is inclusive, like administrator and engineer.

According to Gartner, it's a leader in NID. Customers are investing more in it, and that's why we are using the product.

The dashboard performance could be improved.

Another area of improvement is a support team. Moreover, we need to pay for modifying anything with scripting in terms of customization. It can be a challenge if the person isn't 100% good with scripting.

I have been using this solution for around four years and currently use the latest version.

It is a stable solution. I would rate it a nine out of ten.

It is quite scalable. I would rate it a ten out of ten.

Customer support could be better.

Neutral

For maintenance, two or three engineers are involved.

We use the yearly subscription.

Overall, I rate the solution a nine out of ten.

The solution is user-friendly and provides integration with multiple products.

The solution's features for reporting and dashboards need improvement. They need more customization options.

We have been using the solution for two years.

The solution is stable. I rate its stability a nine out of ten.

It is a scalable solution. I rate its scalability an eight out of ten.

The solution's initial setup process with proxy environments is complicated. It takes an hour to two complete.

I rate the process a seven out of ten.

The solution's cost is high. I rate its pricing a nine out of ten.

I rate the solution a nine out of ten.

The product can be used for securing endpoints from various types of attacks, threat incidents, and malware attacks.

NGFW and Cortex are the best features of the product. The solution provides threat intelligence with EDR. The most interesting part is that the product uses artificial intelligence and machine learning capabilities.

The solution should be made a bit cheaper.

I have been using the solution for six months.

The solution is quite stable.

The product is scalable. It can integrate with a lot of products.

Support is good.

The initial setup is straightforward.

With the right skillsets, the deployment is quite easy and does not take a lot of time. You can do the deployment manually or push it through your Active Directory.

I would definitely recommend the product to others. Overall, I rate the product a nine out of ten.

We primarily use the solution for automation and the orchestration of security.

We've only just installed the solution and need time to explore its functionality and capabilities. So far, we haven't experienced any issues.

The stability has been good overall.

The initial implementation wasn't overly complex. It was easy.

The pricing is very good.

Technical support is helpful and responsive.

Although we haven't used the solution for too long, we haven't come across any issues and haven't noticed any features that are lacking. We're largely satisfied with the offering. 

The user interface could be a bit better. It's the only aspect I've noticed that could possibly be improved. 

Other than that, we've been pretty happy with it.

We've just implemented the solution. We've only been using it for a few weeks. It hasn't been too long just yet.

So far, we have found the stability to be very reliable. There are no bugs or glitches. It doesn't crash or freeze. The performance, in the few weeks we've used it, has been good.

Technical support has been helpful so far. They are knowledgeable and responsive and we've been very satisfied with their level of support.

The installation was very straightforward. It only took about a day. Not even that long. The deployment was fast. A company shouldn't have run into any issues with the initial setup.

I was able to handle the implementation myself. I did not need the assistance of an integrator or consultant.

We've found the pricing to be very reasonable. It's not particularly expensive.

The customers do not have to pay for licensing; we deliver it for free.

We have the solution integrated into our QRadar.

In the time we've used it, from what I've experienced, I'd rate the product at an eight out of ten. We've had a very positive experience.

I would recommend the solution to other companies.