Our customers use the product for automation.
Cyber Security Analyst at a tech services company with 11-50 employees
A scalable and easy-to-use tool that can be used for automation
Pros and Cons
- "The product is quite easy to use."
- "We need a little hands-on experience to install the solution."
What is our primary use case?
What is most valuable?
It is a good tool for automation. The product is quite easy to use. It provides great integrations.
What needs improvement?
We need a little hands-on experience to install the solution. The installation process is technical.
For how long have I used the solution?
I have been working with the solution for six months.
Buyer's Guide
Palo Alto Networks Cortex XSOAR
December 2024
Learn what your peers think about Palo Alto Networks Cortex XSOAR. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
What do I think about the stability of the solution?
The solution is quite stable. I rate the stability an eight out of ten. So far, the stability is okay.
What do I think about the scalability of the solution?
The product is scalable. I rate the scalability an eight out of ten. At a managed service level, the product can really scale well. So far, it’s good. Our clients are small, medium and enterprise businesses.
How was the initial setup?
We will need specific knowledge to install the product, depending on the use case.
What about the implementation team?
We need to maintain the solution from time to time, especially with the upgrades. One person is enough to maintain the product.
What's my experience with pricing, setup cost, and licensing?
The solution is a bit on the expensive side. I rate the pricing a seven out of ten.
What other advice do I have?
We are resellers and managed service providers of the product. The infrastructure is handled by someone else. I do the analysis. Overall, I rate the product an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Consultant at a tech services company with 501-1,000 employees
High level log overviews, integrates well, and effective orchestration
Pros and Cons
- "The most valuable features are the orchestration because of the way in which it coordinates the loss from all the devices and it provides us with a high-level overview of the critical log information."
- "There should be an on-premise version available for customers to have different choices."
What is our primary use case?
We are using this solution to have a completely organized SOC from a list of devices in our environment. We are able to manage all of our devices, such as firewalls and endpoint protection solutions.
What is most valuable?
The most valuable features are the orchestration because of the way in which it coordinates the loss from all the devices and it provides us with a high-level overview of the critical log information. Additionally, this solution integrates very well, we have integrated a Palo Alto firewall and everything is working perfectly.
What needs improvement?
There should be an on-premise version available for customers to have different choices.
For how long have I used the solution?
I have been using this solution for approximately one year.
What do I think about the stability of the solution?
The solution is very reliable because it is on the cloud.
What do I think about the scalability of the solution?
The solution is scalable. We have already approximately 200 devices deployed into the cloud and we are planning to increase usage in the future. We have approximately 600 employees using this solution in my organization and the solution has been completely coordinating the logs of all these users well.
How are customer service and technical support?
The technical support is satisfactory. If we need any clarification or faced any issues we have been in contact with the support. However, there is room for improvement.
How was the initial setup?
The solution is easy to deploy and manage.
What's my experience with pricing, setup cost, and licensing?
There is a yearly license required for this solution and it is expensive.
Which other solutions did I evaluate?
We have evaluated other solutions but they do not compare with the number of features this solution provides. There is a wide range of features in this solution.
What other advice do I have?
I would recommend this solution to those that already have a SOC or a NOC. It will enhance their logs and XSOAR will handle their internet activities.
If they are not involved with SOCs or NOCs then I do not think they require this solution.
I rate Palo Alto Networks Cortex XSOAR an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Buyer's Guide
Palo Alto Networks Cortex XSOAR
December 2024
Learn what your peers think about Palo Alto Networks Cortex XSOAR. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,067 professionals have used our research since 2012.
Network Security Engineer at a tech services company with 201-500 employees
Very scalable, awesome automation, and awesome technical support
Pros and Cons
- "The automation part and the playbook creation part are awesome. The way it is responding to the customers and incidents is also very good. In the SOC environment, I guess it will carry out around 50% of the work."
- "For building automation, there is not a lot of good documentation. The documentation is there, but it is not very good from my perspective. There should be an improvement in this area. I don't see issues with anything else. In terms of new features, I have heard that other products have EBA functionality. It would be good if this functionality could be added."
What is our primary use case?
The use cases basically came from the customers. Most of the time, the major concern is from a security perspective because various kinds of attacks are happening. To restrict or stop those attacks, we are building playbooks. We are also automating repetitive tasks.
We are using on-premise as well as cloud deployments.
What is most valuable?
The automation part and the playbook creation part are awesome. The way it is responding to the customers and incidents is also very good. In the SOC environment, I guess it will carry out around 50% of the work.
What needs improvement?
For building automation, there is not a lot of good documentation. The documentation is there, but it is not very good from my perspective. There should be an improvement in this area. I don't see issues with anything else.
In terms of new features, I have heard that other products have EBA functionality. It would be good if this functionality could be added.
For how long have I used the solution?
I have been working on this solution for the last four months.
What do I think about the stability of the solution?
Its stability is okay.
What do I think about the scalability of the solution?
It is very scalable. It can be easily integrated with other third-party APIs.
How are customer service and technical support?
Their technical support is awesome. It is far better than the technical support of any other company.
How was the initial setup?
The setup is very easy. It is very straightforward. The deployment took around 15 minutes.
What's my experience with pricing, setup cost, and licensing?
From the cost perspective, I have heard that its price is a bit high as compared to other similar products.
What other advice do I have?
For each SOC and MSS environment, I would recommend using Cortex XSOAR for better productivity, scalability, performance, and efficiency. A lot of manual work is happening right now, and that could be avoided. People can be utilized for more productive work.
I would rate Palo Alto Network Cortex XSOAR an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Supervisor SOC at a tech services company with 51-200 employees
Integrates well, stable, and good technical support
Pros and Cons
- "I have found the solution very useful, it integrates well with other platforms."
- "The configuration of the solution could improve it is difficult."
What is most valuable?
I have found the solution very useful, it integrates well with other platforms.
For how long have I used the solution?
I have used Palo Alto Networks Cortex XSOAR within the last 12 months.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
I have found Palo Alto Networks Cortex XSOAR to be scalable all the time.
How are customer service and support?
The technical support is good.
How was the initial setup?
The configuration of the solution could improve it is difficult.
What about the implementation team?
We have four engineers that do the implementation and maintenance of the solution.
What's my experience with pricing, setup cost, and licensing?
The price of Palo Alto Networks Cortex XSOAR is expensive.
What other advice do I have?
I rate Palo Alto Networks Cortex XSOAR a nine out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner
Director at a tech services company with 11-50 employees
Simple to use, good documentation, and integrates well into the environment
Pros and Cons
- "The most valuable features are simplicity and ease of integration."
- "Implementing this solution requires a lot of involvement from the vendor and it should be made easier for the partners."
What is our primary use case?
We are a solution provider and this is one of the products that we are selling to our clients.
What is most valuable?
The most valuable features are simplicity and ease of integration.
The documentation is fantastic.
What needs improvement?
Implementing this solution requires a lot of involvement from the vendor and it should be made easier for the partners.
It has to be richer with respect to IoT. I expect that in future versions, support for a variety of devices will be added.
For how long have I used the solution?
We have about two months of experience with Demisto Enterprise.
What do I think about the stability of the solution?
This is a stable solution.
What do I think about the scalability of the solution?
My impression is that Demisto is scalable and it is capable of working across wide geography at any given point in time. The traffic comes in from everywhere in the world and this solution is able to identify threats ahead of time.
Our clients for this solution are medium-sized and enterprise-level businesses.
How was the initial setup?
The initial setup of this solution is complex. My understanding is that it can be deployed within a few days.
What's my experience with pricing, setup cost, and licensing?
There is a perception that it is priced very high compared to other solutions.
What other advice do I have?
Demisto is a product that I recommend.
I would rate this solution an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Buyer's Guide
Download our free Palo Alto Networks Cortex XSOAR Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Popular Comparisons
Microsoft Sentinel
IBM Security QRadar
AWS Security Hub
Sumo Logic Security
ThreatConnect Threat Intelligence Platform (TIP)
ServiceNow Security Operations
Fortinet FortiSOAR
NetWitness NDR
IBM Resilient
McAfee ePolicy Orchestrator
Buyer's Guide
Download our free Palo Alto Networks Cortex XSOAR Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Which Do You Recommend, Phantom or Demisto?
- Which SOAR product has the better value: Palo Alto Networks Cortex XSOAR or Swimlane? Why?
- Which solution do you prefer: Microsoft Sentinel or Palo Alto Networks Cortex XSOAR?
- What are the Top 5 cybersecurity trends in 2022?
- What is the difference between SIEM and SOAR platforms?
- What is an incident response playbook and how is it used in SOAR?
- What are the latest trends in Security Operations Center (SOC)?
- What tools and solutions do you use for automated incident response in an enterprise in 2022?
- How to evaluate SIEM detection rules?
- Why a Security Operations Center (SOC) is important?