I recommend the tool to first-time users. Before using Cortex XDR agent, the previous antivirus and EDR solution needs to be set with the new or the latest Cortex XDR agent, especially the policies. The tool is easy to learn, understand, and manage with a one-day training session compared to other products. I rate the tool a nine out of ten.
Sr. Endpoint Security Engineer at iOPEX Technologies
Real User
Aug 21, 2024
I recommend the tool as it is an emerging or upcoming product with a set of features. My recommendation of the tool surely depends upon the scale of the business. The tool is easy to use. We even have an accounts team where they can help you from scratch. We have a tech support team who would definitely suggest it to you over the session, so nothing as such is required as they will definitely help the users with the tool. I rate the tool an eight and a half or nine out of ten.
I recommend conducting a thorough evaluation for organizations considering Cortex XDR based on your specific security requirements and environment. Engage closely with Palo Alto Networks or a certified partner to leverage their expertise in deployment and configuration. I rate it a ten out of ten.
Network Security Engineer at a tech services company with 10,001+ employees
MSP
Jul 9, 2024
Cortex is a good product. But like every other product, it has some flaws. Not every product is ideal. Every product has its flaws. So when compared with other products, Cortex is one of the good products. I would suggest you take the product because it is really one of the good products, but it has some flaws. So, I would rate it an eight out of ten.
I use the solution for investigation, which includes incident handling and incident alerts. There is a separate part in Cortex XDR where we can use timestamps to categorize the alert or attack type. Based on the attack criticality, we can investigate and fine-tune a lot of things. In Cortex XDR, we can get the same alert at different times. We can fine-tune using the Cortex XDR tool. Also, we can use queries in Cortex XDR for automation, accessing the device, or scanning the device. The query part is good, but we need to spend a little time learning about the query. It's easy to understand the query. There is a template that you can use to click and say something. If you are going to investigate, many tabs are given based on the tactics, techniques, and procedures. It is easy to understand, and we can gather basic information from there. It is easy for a new user to learn to use the solution for the first time. Overall, I rate the solution ten out of ten.
Cortex XDR by Palo Alto Networks is a cloud-based solution. I would recommend the solution to other users if they can afford it. Cortex XDR by Palo Alto Networks is worth the money. It is easy for a beginner to learn to use the solution for the first time. Overall, I rate the solution a seven out of ten.
Updated: November 2024.
No one is providing effective training, and it's not reaching customers or partners properly. The product is good. All of these things are correct, including their behavior analysis efficiency. It monitors processes and immediately blocks them. When I test it with a customer or partner in my lab, I showcase how ransomware protection works. It's very effective, and it's also available in the library. Instead of monitoring all files and processes, it monitors devices. It triggers an immediate response if someone tries to encrypt, rename, delegate, or modify files. It sends a response and blocks the process immediately, signaling something malicious has occurred. The central team is utilizing it. They aren't using any custom rules or anything. Just this specific tech is just starting to utilize AI. We can integrate it into process or behavior monitoring, making it faster. I recommend the solution. Overall, I rate the solution a ten out of ten.
I recommend Cortex XDR by Palo Alto Networks and rate it an eight out of ten. It is a good solution for the commercial sector as they can work on the cloud. I advise others to refer to user guides for understanding the processes easily.
I rate Cortex XDR by Palo Alto Networks ten out of ten. It could be improved from a commercial perspective. It could approach the SMB market as well.
Customers often ask for proof of concept. People wanting to use the solution should analyze the different tools that can be integrated with the product. At first, clients only consider it an EDR, but later, they might realize that the tool does not have all the capabilities they need. Overall, I rate the solution an eight out of ten.
Servicio Posventa at a security firm with 11-50 employees
Real User
Feb 2, 2023
I consider Cortex XDR by Palo Alto Networks a good solution. They have good support, and they listen to customer feedback. On a scale from one to nine, I would give Cortex XDR by Palo Alto Networks a nine.
Site administrator officer at a tech services company with 11-50 employees
Real User
Jan 16, 2023
We are using two engineers for the maintenance of the solution. In our market here in Malaysia, the solution is perceived as being of high quality and providing good service. I would recommend this solution to others, it is a good solution. It is my job to recommend solutions. I rate Cortex XDR by Palo Alto Networks an eight out of ten. The solution is not perfect and that is why I gave the rating of eight.
Sr. Network Engineer at a construction company with 10,001+ employees
Real User
Oct 26, 2022
After the deployment of this solution, there is no need for maintenance. I recommend this solution to others because it is easy to manage, reliable, and overall good to use. I rate Cortex XDR by Palo Alto Networks an eight out of ten.
Network and security engineer at a tech services company with 11-50 employees
Real User
Jun 28, 2022
We're a reseller. We are using the latest, most up-to-date version, of the product. I would recommend using it with another protection layer. Cortex should provide an additional layer of security apart from this. You might have to integrate with other vendors also. If you are looking to deploy a security solution as a whole, this is a good option. I'd rate the solution seven out of ten. If we had more advanced security features, I'd rate it higher.
System Engineer at a logistics company with 5,001-10,000 employees
Real User
Jun 7, 2022
We are customers and end-users. We're using the latest version of the solution. Palo Alto is a big company. They are very good at security, so it's good if it's the first time a company is using this product. However, we are moving to SentinelOne as we are corporate. That means, if there is one branch upgraded or moved to something, we must follow. We are following our corporate instructions. If I were given the choice, I would still be using Cortex XDR as it's fulfilling my need. I'd rate the solution eight out of ten. The downside is each time I go to the portal and I check the versions, it's outdated. You need to upgrade each month or every forty days and it's a lot.
I think any XDR technology is best for protecting an environment from cyber attacks. The visibility it provides is crucial and XDR gives us that, we can see all effect vectors. I rate this solution eight out of 10.
Senior IT Specialist at a manufacturing company with 1,001-5,000 employees
Real User
Mar 16, 2022
My advice for people who are looking into implementing this system is that they should be aware of the complexity of the installation and the management of the system. I would preferably buy this from a partner. We have not yet completed our review of the product. At this time, I would rate it a five out of 10.
Information Technology Consultant at Trillennium (Pvt) Ltd
Reseller
Feb 11, 2022
So far, it has met all of our requirements, and it should be able to cater to a wide range of product lines. We must first determine what their business requirements are, as well as what other technical layers we are considering, and then propose the appropriate sizing and solution. We mostly promote Palo Alto, but it depends on the customer's needs, as well as their budget, infrastructure, and what their business requires, all of those factors come into play when recommending a solution. When you compare it with other products, I would rate Cortex XDR by Palo Alto Networks a nine out of ten. It's close to being rated a ten out of ten because of their level of support, and the other is the solution and the most recent technology.
Cloud and Security Architect at a transportation company with 51-200 employees
Real User
Jan 20, 2022
My advice for anybody who is implementing this product is to ensure that the project plan has appropriate troubleshooting time in it. Overall, I'm quite happy with the product. I would rate this solution an eight out of ten.
I'm rating this solution a ten out of ten because it is very good for managed threat hunting and incident response. It is the best XDR solution. It's better than other tools because it uses enterprise architecture. Everybody will find that this solution is easy to use.
Information Technology Corporate Manager at a consumer goods company with 1,001-5,000 employees
Real User
Nov 24, 2021
It is important to have security tools in order to review, monitor, and hunt potential attacks. In our tests, we have found Cortex XDR by Palo Alto Networks to be a very good tool. It's an efficient solution. I recommend this solution to my business partners and other companies. I rate Cortex XDR by Palo Alto Networks a ten out of ten. Other solutions I have used I would rate a seven out of ten. There is nothing that comes close to this solution.
CyberSecurity Consultant at Information Technology Solutions- ITS
Real User
Nov 2, 2021
I have found the solution to be very easy with respect to integration, and configurable. The integrations are out-of-the-box, as are the playbooks. The solution is deployed solely on-premises on a single server. As of now, there are six users making use of the solution. My advice is that the on-premises environments for the product's use should be increased. I rate Cortex XDR by Palo Alto Networks as an eight out of ten.
System Administrator at NATIONAL ASSOCIATION OF REALTORS
Real User
Jun 30, 2021
Learn the product because once you deploy it and a lot of people look at it from an endpoint perspective, they get the endpoint protection instantly. However, there are other things that you need to learn more about. Once you deploy Cortex XDR, you get a subscription to a data lake, which helps you retain logs. We have Palo Alto firewalls and later on learned that we can also integrate our firewalls and get the logs. You have a limited amount of space for log retention, but things like that are important in cases where you need to have PCI compliance or have a company policy of retaining a certain amount of logs. So, learn all the features and ask questions, and perhaps if it's going to be something that you're going to use as an investment for your company, take a training class. On a scale from one to ten, I would rate Cortex XDR at nine.
Cortex XDR is a threat analytics security manager that allows users to see what threats are going to endpoints. It's a very high-security solution. The next step up from Cortex XDR is Cortex XSOAR. XSOAR is an automated threat solution. It's a security solution from Palo Alto. I'd recommend the solution to others. I'd rate it at a nine out of ten overall.
Network and Cybersecurity Consultant at a tech services company with 11-50 employees
Reseller
Jan 27, 2021
I would recommend Cortex XDR by Palo Alto Networks to potential users. On a scale from one to ten, I would give Cortex XDR by Palo Alto Networks a nine.
Vice President / Chief Technology Officer at Sinnott Wolach Technology Group
Reseller
Jan 7, 2021
You don't have to be a Palo Alto customer to implement this solution. Some people think they have to, but no. It is a completely separate solution on its own. I would highly recommend it just because it is a complete package. It not only takes in data from your endpoint; it also takes in data from other sources that are not Palo Alto and helps to create the story about what's going on by stitching things together. I would rate Cortex XDR a nine out of ten. It is pretty good. The reason for giving a nine is that there is always room for improvement.
Consultant at a tech services company with 501-1,000 employees
Reseller
Nov 24, 2020
If you are looking for security, mainly for advanced threat prevention from ransomware and malware attacks, I would recommend Cortex. Even if you want to integrate your firewall, I would recommend Cortex, but if you are looking for a single product with multiple options or features, such as DLP, encryption, rollback, and other features, I would not recommend Cortex. I would rate Cortex XDR a nine out of ten.
Network Designer at a computer software company with 1,001-5,000 employees
Real User
Oct 22, 2020
While we deal with the cloud deployment model, we've also often used the on-premises deployment. I'd advise other companies to use the solution. It really is the best one out there. Overall, I'd rate the solution nine out of ten. The reporting is a bit weak, and it's my understanding they are working on that. However, performance-wise and security-wise, this is the best product.
I don't use this product on a daily basis but we like what we have so far and I would definitely recommend it to other users. My advice is to make sure that you have a good implementor and that the reseller you're purchasing from gives you a highly-qualified engineer. Overall, we are happy with this product but that said, nothing does everything that you want. I would rate this solution a nine out of ten.
IT Director at an energy/utilities company with 1,001-5,000 employees
Real User
Oct 13, 2020
We had to move away from working with Cortex XDR by Palo Alto Networks due to the regulations. They state that the logs have to be kept in Saudi Arabia. Also, the log is in the cloud, which is against the regulations. We chose Fidelis. They meet the regulations and they are on-premises. We had no issues with Cortex. We were satisfied but it didn't meet with the regional regulations. I would rate Cortex XDR by Palo Alto Networks an eight out of ten.
System Manager at a consumer goods company with 10,001+ employees
Real User
Aug 30, 2020
My suggestion for people considering this product is that Cortex is a very good total solution on the endpoints. Because I needed Cortex to work for external and internal users and devices, it helps that it is cloud-based because it is good for working in the office or other locations. So we wanted to have the total end-to-end protection including on the mobile devices, and that is what we got. This product will be a good suggestion for people who need the same capability. On a scale from one to ten where one is the worst and ten is the best, I would rate Cortex XDR as around nine out of ten. The cost is the reason it would not be higher. Nine is good but this is a very good product except for the cost.
Senior Information Security Architect at a tech services company with 201-500 employees
Real User
Jul 19, 2020
We have a partnership with Palo Alto. I'm a consultant, I'm pre-sales as a technical sales engineer. I try to show the value of any product for the customer. I don't actually use the solution myself. The solution does not have an on-premises option. It's only available on the cloud. For XDR, new users just need to make sure they have the right policies in place. The solution does offer pre-configured policies. Organizations will want to make sure it is actually fitting them in the places where they will be working best. It's important as well that they don't make it a default selection. Users need to make sure that it's really configured and whitelisted and everything fits the organization. I'd rate the solution eight out of ten. I'd rate it higher; however, the deployment process is poor even though the features are decent. Competitors like Carbon Black have much easier deployments.
CIO/CTO at a manufacturing company with 501-1,000 employees
Real User
Jul 9, 2020
We simply use the solution as a customer. I would not recommend the solution. I'd advise other companies to rather go with Palo Alto's firewall as a better option. I've already advised others not to touch it. It's not worth it at all to even consider using it. I'd rate the solution six out of ten. Their new GUI is very nice, however, as a professional service, it's lacking in a lot of areas.
My advice for anybody who is considering Cortex XDR is that it is a complete solution, and has very good features. From my experience, it is one of the better ones in the market. That said, no product is 100%. I would rate this solution a nine out of ten.
The main advice I can share is to watch out for your database and make sure to give it enough resources. That's it. I would rate this solution eight out of 10.
IT-Administration at a mining and metals company with 51-200 employees
Consultant
Jun 24, 2019
We use the on-prem version, not the cloud version of Palo Alto. We use it daily but we have logs. Normally, if we have an incident in detection from a wire system, there's more effort. But typically it would take about ten minutes in order to check the logs and it's not complex at all. But if you have some threats or viruses then, of course, maintenance takes longer. In terms of advice, I'd say it depends on the usage of the PCs. For us to use in the main production, Palo Alto benefited us. It was easy to install and the performance of the traps themselves is very good. In most cases, you don't have to worry about the performance of the PC at all. Palo Alto Traps takes up very few resources. I would rate this solution 9 out of 10.
Network Manager of Cyber Defence at a government with 1,001-5,000 employees
Real User
Feb 11, 2019
Make sure you have a proper inventory of all the applications running. That's something we should have done to start with. We intended to do so, but we're using very strange applications to deal with satellite imagery, and it was giving us some issues. For somebody who's using the standard Microsoft Office, it's really straightforward. But if you have exotic applications, then make sure you test it before you deploy it. You will have issues. To maintain it, the only thing you have to do is download the latest updates and install them. After that, the only maintenance you need is checking the logs every day to see what has been sent to the cloud for sandboxing and then move to the culprit machine to see what happened. It's difficult to say how many people are required for this. As soon as you get something exotic on the machine, this can take an hour, but that's not related to Traps. Traps is just telling you there's something exotic. After that, it's the time you spend doing all the malware and other analyses. As far as Traps is concerned as such, it doesn't require much maintenance. It's something you set and forget. I would give Traps a nine out of ten. I think it's a very good application. It detected stuff that other things wouldn't detect. I'm very positive about it and was extremely satisfied with it. We had it for the reason I noted earlier. It has been replaced by something else, but I had a very good experience with it. Had we been in a Microsoft Office business - the normal applications - we never would have moved. But the people in charge of the system went to Microsoft Defender.
Information Technology Manager at a hospitality company with 10,001+ employees
Real User
Feb 7, 2019
Overall, Traps is a very good application when you compare endpoint security solutions available in the market. You can see your value for your money. You can see the results and sleep peacefully. You don't have to worry about a ransomware attack. Traps is very well-designed. It also does good things with deep machine learning. If it finds any malicious activity, it will alert you. Based on our feedback and recommendations, our sister companies had been looking forward to replacing their current solution with the Traps. My current company is in the process of evaluating the solution.
Lead IT Security Analyst at a mining and metals company with 1,001-5,000 employees
Real User
Jan 17, 2019
If ransomware were to spread throughout your company, you would not want your file shares to be encrypted nor your servers to be affected. My advice would be to get Traps on your servers and on your workstations. Go with version 5 and the cloud instance, then turn on all the features that you can. Some of them come disabled by default out-of-the-box, but you want to turn on all of the features, such as local analysis, file quarantine, WildFire, malicious and grayware blocking and quarantine, restrictions (don't allow executables to run from USB drives, unless it's whitelisted). Turn on all the exploit protections with dynamic updates, and just let it update. Since we all know the next version of Flash Player is going to have a vulnerability which no one knows about until it's discovered. Then, at that point, it could have already been out there for a while. With Traps, it could potentially determine the exploit before it's even a known vulnerability. Turn on every single feature you can without taking an impact to performance. Once it's fine-tuned and doing its thing, I have never witnessed Traps not working properly. They have put in improvements over the years. We have been using the product for over four years now (since I've been with the company). They have added support for additional operating systems, such as Android, macOS, and Linux. They used to be Windows only. They put improvements where they no longer require you to have an on-premise server, so you can host it on the cloud. Thus, when endpoints leave the environment, they can connect to a cloud host and have full connectivity to your policies. When Traps does sandbox tests, it checks the verdict against their sandbox: WildFire. Having it in the cloud is great, because then the machine doesn't have to be on a VPN or within the company walls with connectivity to an on-premise server. Therefore, having the cloud implementation was definitely an improvement.
When Palo Alto acquires a technology, they implement it into Traps and make the product better. They have done this in the past, and there are cool things coming in the future from these acquisitions.
The implementation is fairly straightforward and easy. With version 5, everything is now on the cloud. It is easy to work with and use. I would use mobile device management (MDM) or Active Directory (AD) to push the file everywhere when installing it, as it will auto go from there. The management is pretty low. Thus, you set it, and for the most part, you can forget it.
I think Traps has the best mix of features by price in the industry. It is not flawless by any means, but Palo Alto seems committed to it and is improving it. Traps 5.0 is promising, though they have a ways to go before I'd be willing to implement it.
Cortex XDR by Palo Alto Networks is the first threat detection and response software to combine both visibility across all types of data as well as autonomous machine learning analytics. Threat detection very often requires analysts to divide their attention among many different data streams. This platform unifies a vast variety of data flows, which allows analysts to assess threats from a single location. Users can now maintain a level of visibility that other threat detection programs...
I would recommend this solution to others who are interested in using it. I would rate Cortex XDR by Palo Alto Networks nine out of ten.
I rate it a nine out of ten.
I rate Cortex XDR by Palo Alto nine out of 10.
I rate Cortex XDR 10 out of 10.
I would recommend this solution to others. I rate Cortex XDR by Palo Alto Networks an eight out of ten.
I'm a customer and end-user. I'd rate the solution seven out of ten.
We are customers and end-users. We're using the latest version of the solution. Palo Alto is a big company. They are very good at security, so it's good if it's the first time a company is using this product. However, we are moving to SentinelOne as we are corporate. That means, if there is one branch upgraded or moved to something, we must follow. We are following our corporate instructions. If I was given the choice, I would be still using Cortex XDR as it's fulfilling my need. I'd rate the solution eight out of ten. The downside is each time I go to the portal and I check the versions, it's outdated. You need to upgrade each month or every forty days and it's a lot.
I think any XDR technology is best for protecting an environment from cyber attacks. The visibility it provides is crucial and XDR gives us that, we can see all effect vectors. I rate this solution eight out of 10.
My advice for people who are looking into implementing this system is that they should be aware of the complexity of the installation and the management of the system. I would preferably buy this from a partner. We have not yet completed our review of the product. At this time, I would rate it a five out of 10.
So far, it has met all of our requirements, and it should be able to cater to a wide range of product lines. We must first determine what their business requirements are, as well as what other technical layers we are considering, and then propose the appropriate sizing and solution. We mostly promote Palo Alto, but it depends on the customer's needs, as well as their budget, infrastructure, and what their business requires, all of those factors come into play when recommending a solution. When you compare it with other products, I would rate Cortex XDR by Palo Alto Networks a nine out of ten. It's close to being rated a ten out of ten because of their level of support, and the other is the solution and the most recent technology.
My advice for anybody who is implementing this product is to ensure that the project plan has appropriate troubleshooting time in it. Overall, I'm quite happy with the product. I would rate this solution an eight out of ten.
I'm rating this solution a ten out of ten because it is very good for managed threat hunting and incident response. It is the best XDR solution. It's better than other tools because it uses enterprise architecture. Everybody will find that this solution is easy to use.
It is important to have security tools in order to review, monitor, and hunt potential attacks. We have found in our test Cortex XDR by Palo Alto Networks to be a very good tool. It's an efficient solution. I recommend this solution to my business partners and other companies. I rate Cortex XDR by Palo Alto Networks a ten out of ten. Other solutions I have used I would rate a seven out of ten. There is not something that comes close to this solution.
I have found the solution to be very easy with respect to integration, and configurable. The integrations are out-of-the-box, as are the playbooks. The solution is deployed solely on-premises on a single server. As of now, there are six users making use of the solution. My advice is that the on-premises environments for the product's use should be increased. I rate Cortex XDR by Palo Alto Networks as an eight out of ten.
I would rate this solution as five out of ten.
I would highly recommend it unless you have iOS assets on your network. I would rate Cortex XDR an eight out of 10.
I would recommend this solution to others. I rate Cortex XDR by Palo Alto Networks a nine out of ten.
I would recommend this solution. I would rate Cortex XDR a seven out of 10.
I would recommend this solution to others. I rate Cortex XDR by Palo Alto Networks an eight out of ten.
Learn the product because once you deploy it and a lot of people look at it from an endpoint perspective, they get the endpoint protection instantly. However, there are other things that you need to learn more about. Once you deploy Cortex XDR, you get a subscription to a data lake, which helps you retain logs. We have Palo Alto firewalls and later on learned that we can also integrate our firewalls and get the logs. You have a limited amount of space for log retention, but things like that are important in cases where you need to have PCI compliance or have a company policy of retaining a certain amount of logs. So, learn all the features and ask questions, and perhaps if it's going to be something that you're going to use as an investment for your company, take a training class. On a scale from one to ten, I would rate Cortex XDR at nine.
Cortex XDR is a threat analytics security manager that allows users to see what threats are going to endpoints. It's a very high-security solution. The next step up from Cortex XDR is Cortex XSOAR. XSOAR is an automated threat solution. It's a security solution from Palo Alto. I'd recommend the solution to others. I'd rate it at a nine out of ten overall.
I would recommend this solution to anyone who is interested in using it. I would rate Cortex XDR a seven out of ten.
It is a very straightforward product with minimal administrator interference once it is deployed. I would rate this solution a seven out of ten.
I would recommend Cortex XDR by Palo Alto Networks to potential users. On a scale from one to ten, I would give Cortex XDR by Palo Alto Networks a nine.
On a scale from one to ten, I would give Cortex XDR by Palo Alto Networks a nine.
You don't have to be a Palo Alto customer to implement this solution. Some people think they have to, but no. It is a completely separate solution on its own. I would highly recommend it just because it is a complete package. It not only takes in data from your endpoint; it also takes in data from other sources that are not Palo Alto and helps to create the story about what's going on by stitching things together. I would rate Cortex XDR a nine out of ten. It is pretty good. The reason for giving a nine is that there is always room for improvement.
Overall, this is a good product and I can recommend it to others. I would rate this solution an eight out of ten.
If you are looking for security, mainly for advanced threat prevention from ransomware and malware attacks, I would recommend Cortex. Even if you want to integrate your firewall, I would recommend Cortex, but if you are looking for a single product with multiple options or features, such as DLP, encryption, rollback, and other features, I would not recommend Cortex. I would rate Cortex XDR a nine out of ten.
While we deal with the cloud deployment model, we've also often used the on-premises deployment. I'd advise other companies to use the solution. It really is the best one out there. Overall, I'd rate the solution nine out of ten. The reporting is a bit weak, and it's my understanding they are working on that. However, performance-wise and security-wise, this is the best product.
I don't use this product on a daily basis but we like what we have so far and I would definitely recommend it to other users. My advice is to make sure that you have a good implementor and that the reseller you're purchasing from gives you a highly-qualified engineer. Overall, we are happy with this product but that said, nothing does everything that you want. I would rate this solution a nine out of ten.
We had to move away from working with Cortex XDR by Palo Alto Networks due to the regulations. They state that the logs have to be kept in Saudi Arabia. Also, the log is in the cloud, which is against the regulations. We chose Fidelis. They meet the regulations and they are on-premises. We had no issues with Cortex. We were satisfied but it didn't meet with the regional regulations. I would rate Cortex XDR by Palo Alto Networks an eight out of ten.
My suggestion for people considering this product is that Cortex is a very good total solution on the endpoints. Because I needed Cortex to work for external and internal users and devices, it helps that it is cloud-based because it is good for working in the office or other locations. So we wanted to have the total end-to-end protection, including on the mobile devices, and that is what we got. This product will be a good suggestion for people who need the same capability. On a scale from one to ten where one is the worst and ten is the best, I would rate Cortex XDR as around nine out of ten. The cost is the reason it would not be higher. Nine is good but this is a very good product except for the cost.
We have a partnership with Palo Alto. I'm a consultant, I'm pre-sales as a technical sales engineer. I try to show the value of any product for the customer. I don't actually use the solution myself. The solution does not have an on-premises option. It's only available on the cloud. For XDR new users just need to make sure they have the right policies in place. The solution does offer pre-configured policies. Organizations will want to make sure it is actually fitting them in the places where they will be working best. It's important as well that they don't make it a default selection. Users need to make sure that it's really configured and whitelisted and everything fits the organization. I'd rate the solution eight out of ten. I'd rate it higher, however, the deployment process is poor even though the features are decent. Competitors like Carbon Black have much easier deployments.
We simply use the solution as a customer. I would not recommend the solution. I'd advise other companies to rather go with Palo Alto's firewall as a better option. I've already advised others not to touch it. It's not worth it at all to even consider using it. I'd rate the solution six out of ten. Their new GUI is very nice, however, as a professional service, it's lacking in a lot of areas.
My advice for anybody who is considering Cortex XDR is that it is a complete solution, and has very good features. From my experience, it is one of the better ones in the market. That said, no product is 100%. I would rate this solution a nine out of ten.
The main advice I can share is to watch out for your database and make sure to give it enough resources. That's it. I would rate this solution eight out of 10.
I recommend using this solution and I would rate the solution an eight out of 10.
We use the on-prem version, not the cloud version of Palo Alto. We use it daily but we have logs. Normally, if we have an incident in detection from a wire system, there's more effort. But typically it would take about ten minutes in order to check the logs and it's not complex at all. But if you have some threats or viruses then, of course, maintenance takes longer. In terms of advice, I'd say it depends on the usage of the PCs. For us to use in the main production, Palo Alto benefited us. It was easy to install and the performance of Traps itself is very good. In most cases, you don't have to worry about the performance of the PC at all. Palo Alto Traps takes up very few resources. I would rate this solution 9 out of 10.
On a scale from 1-10, I would rate Palo Alto Networks Traps with an eight. It is great, but I have some issues with the cost of the product license.
Make sure you have a proper inventory of all the applications running. That's something we should have done to start with. We intended to do so, but we're using very strange applications to deal with satellite imagery, and it was giving us some issues. For somebody who's using the standard Microsoft Office, it's really straightforward. But if you have exotic applications, then make sure you test it before you deploy it. You will have issues. To maintain it, the only thing you have to do is download the latest updates and install them. After that, the only maintenance you need is checking the logs every day to see what has been sent to the cloud for sandboxing and then move to the culprit machine to see what happened. It's difficult to say how many people are required for this. As soon as you get something exotic on the machine, this can take an hour, but that's not related to Traps. Traps is just telling you there's something exotic. After that, it's the time you spend doing all the malware and other analyses. As far as Traps is concerned as such, it doesn't require much maintenance. It's something you set and forget. I would give Traps a nine out of ten. I think it's a very good application. It detected stuff that other things wouldn't detect. I'm very positive about it and was extremely satisfied with it. We had it for the reason I noted earlier. It has been replaced by something else, but I had a very good experience with it. Had we been in a Microsoft Office business - the normal applications - we never would have moved. But the people in charge of the system went to Microsoft Defender.
Overall, Traps is a very good application when you compare endpoint security solutions available in the market. You can see your value for your money. You can see the results and sleep peacefully. You don't have to worry about a ransomware attack. Traps is very well-designed. It also does good things with deep machine learning. If it finds any malicious activity, it will alert you. Based on our feedback and recommendations, our sister companies had been looking forward to replacing their current solution with the Traps. My current company is in the process of evaluating the solution.
Palo Alto Traps is good but they need to more widely promote it.
Test normal behavior of the Traps agents (injection and policy) and confirm that there has been no change in the user experience.
If ransomware were to spread throughout your company, you would not want your file shares to be encrypted nor your servers to be affected. My advice would be to get Traps on your servers and on your workstations. Go with version 5 and the cloud instance, then turn on all the features that you can. Some of them come by default disabled out-of-the-box, but you want to turn on all of the features, such as local analysis, file quarantine, WildFire, malicious and grayware blocking and quarantine, restrictions (don't allow executables to run from USB drives, unless it's whitelisted). Turn on all the exploit protections with dynamic updates, and just let it update, since we all know the next version of Flash Player is going to have a vulnerability which no one knows about until it's discovered. Then, at that point, it could have already been out there for a while. With Traps, it could potentially determine the exploit before it's even a known vulnerability. Turn on every single feature you can without taking an impact to performance. Once it's fine-tuned and doing its thing, I have never witnessed Traps not working properly. They have put in improvements over the years. We have been using the product for over four years now (since I've been with the company). They have added support for additional operating systems, such as Android, macOS, and Linux. They used to be Windows only. They put improvements where they no longer require you to have an on-premise server, so you can host it on the cloud. Thus, when endpoints leave the environment, they can connect to a cloud host and have full connectivity to your policies. When Traps does sandbox tests, it checks the verdict against their sandbox: WildFire. Having it in the cloud is great, because then the machine doesn't have to be on a VPN or within the company walls with connectivity to an on-premise server. Therefore, having the cloud implementation was definitely an improvement.
When Palo Alto acquires a technology, they implement it into Traps and make the product better. They have done this in the past, and there are cool things coming in the future from these acquisitions.
The implementation is fairly straightforward and easy. With version 5, everything is now on the cloud. It is easy to work with and use. I would use mobile device management (MDM) or Active Directory (AD) to push the file everywhere when installing it, as it will auto go from there. The management is pretty low. Thus, you set it and, for the most part, you can forget it.
I think Traps has the best mix of features by price in the industry. It is not flawless by any means, but Palo Alto seems committed to it and is improving it. Traps 5.0 is promising, though they have a ways to go before I'd be willing to implement it.