Overall, I would rate it a nine out of ten. The main drawbacks are the dashboard and reporting features—they could be better. Also, the user licensing fee is quite high. Apart from that, I don't think there are any major issues. If we’re paying for premium support, they should consider providing some complimentary private keys or licenses. It's like buying an Amazon Fire Stick and expecting free Amazon Prime and Netflix for a few days. But they’re not giving anything for free. I would recommend this product to other users, if they have a decent budget to spend. Further, I would advise to ensure your processes are robust. Once your process is stable, you can buy XSOAR, and it can do wonders. It's just a tool, after all.
I work with a distributor. I recommend the product to my customers. I'm really satisfied with the tool. It's a very nice tool. It can work and give us what we need. We just need to be patient and learn how it works. The incidents can be handled very easily. Overall, I rate the product a nine out of ten.
I recommended Palo Alto Networks Cortex XSOAR to a friend, and they have been using it to access and respond to issues in their data center. So far, there have been no complaints, not even worth mentioning. They also requested repairs through the platform. The playbook is very good and user-friendly compared to IBM. There are always things missing in some of the boxes. In some instances, there appears to be a leak. There are inconsistencies. Solutions like Palo Alto Networks Cortex XSOAR or similar products are necessary. Overall, I rate the solution an eight out of ten.
It's a very stable product, definitely worth the investment. You won't regret your spending. Overall, I would rate the solution a nine out of ten. The only reason it loses a point is the support team. Their performance hasn't reached the same level as other Palo Alto offerings.
The product is perfectly suitable for enterprise customers. We can achieve whatever playbooks we want to deploy. The stability is really good. We need the right professional services person who can finish the project on time. Overall, I rate the tool a nine out of ten.
Learn what your peers think about Palo Alto Networks Cortex XSOAR. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
Overall, I would rate the solution an eight out of ten. My advice to new users would be to plan ahead before implementing Cortex XSOAR. Understand your use cases well and have a solid strategy because the implementation is an ongoing process that you can always improve. Consider creating an adoption plan for what you will do this year and next year in terms of integration and use cases. Keep it user-friendly and introduce use cases gradually to your team instead of overwhelming them all at once. It's about taking steps to make it effective over time.
Head of Security Monitoring and Control at Alstom Ferroviaria S.p.A.
Real User
2022-11-14T11:17:12Z
Nov 14, 2022
I rate the solution a seven out of ten. The solution is good, but its performance and customization can be improved. I advise new users to understand their use cases. For example, suppose somebody is starting with highly customizable options and wants more agility to go to a micro level. In that case, I will still recommend people start with XSOAR, understand the environment, and then go to Sentinel. But it could also be done differently. It depends on the company's objective, so if you look at it as we started with Cortex a couple of years before. And now, looking forward and at compelling factors, we are moving to Microsoft.
The solution is a good product that would be even better if technical support is improved and prices are discounted. Support is very important because there is a lot of follow up after implementations to properly manage changes and issues. I rate the solution a six out of ten.
I rate Palo Alto Networks Cortex XSOAR seven out of 10. Since we installed it, we've never had a significant infection, so it has protected the computers. We're not using an antivirus solution. All we use is traps in Cortex, and it's stepped up to the plate there. I can't complain about the capabilities. My advice for anyone using XSOAR is to normalize the installation platform and ensure you have some type of fallback platform, so clients can be prepared to update no matter what platform they were using when they started.
Deputy Vice President at a financial services firm with 10,001+ employees
Reseller
2022-07-19T10:42:00Z
Jul 19, 2022
We were a reseller. I'm not sure which version of the solution we're using. It might be behind a version or two. Demisto has been purchased by Palo Alto. There's a difference in versions between the organizations. The latest version is not defined by the organization. Potential users should not purchase this product. They decommissioned the product, and it is now at end of life. I'd rate the solution three out of ten. It was sold to another company and decommissioned.
Cybersecurity Cyber Crime Infrastructure Engineer & Investigator at a government with 5,001-10,000 employees
Real User
2021-11-11T20:34:00Z
Nov 11, 2021
I would rate Palo Alto a nine out of ten. My advice would be to do the same type of research I did to ensure that it's the appropriate fit for your use case. If it's an organization that has an already existing incident management system, make sure that you can customize it so you can reduce the learning curve for your investigators in order to be able to transition from your old IMS over to the new IMS, which would be XSOAR. That's the reason why I took so much time in order to ensure that the customization was there in order to allow me to mimic what we already had in IMS and transition that over to XSOAR. That way, the investigators had a lot less of a learning curve. The only learning curve they had was, "Here's the investigation tab. There's all the data that you need in order to make your verdict. Make your verdict." But as far as writing all the reports, call-down lists, and all that other stuff, that's all part of our original process that I transitioned over to XSOAR.
Splunker, Networking and E-Mail Security Architect, Engineer and Guru at a healthcare company with 10,001+ employees
Real User
2021-09-08T17:50:45Z
Sep 8, 2021
Have a very good understanding of what you want to automate. Define the process and make sure the integrations you need are available out of the box. I would also suggest starting simple. Try easy use cases first and until you feel confident before you get into more complex use cases. I would rate Palo Alto Networks Cortex XSOAR a nine out of ten.
Vice President Global Technology Infrastructure Automation at a financial services firm with 10,001+ employees
Real User
2021-07-02T21:29:00Z
Jul 2, 2021
I'm not sure which version of the solution we're using at this time. I'd rate the solution at an eight out of ten. We've been quite pleased with its capabilities. The only thing is it is pretty expensive. I'd recommend other users work both with Palo Alto and Fortinet. They are great together. They compliment each other nicely.
Consultant at a tech services company with 501-1,000 employees
Reseller
2021-06-04T22:17:49Z
Jun 4, 2021
I would recommend this solution to those that already have a SOC or a NOC. It will enhance their logs and XSOAR will handle their internet activities. If they are not involved with SOCs or NOCs then I do not think they require this solution. I rate Palo Alto Networks Cortex XSOAR an eight out of ten.
We are a partner for Palo Alto. I have been certified with them. I did certifications around their certificates when they were Demisto, however, right now, we are Palo Alto partners. It's not a SIEM product, however, it's a next-gen automation platform for SIEM SOC services. I'd advise companies considering the solution to assess the existing environment before they go ahead and choose something. This solution is basically built for a vast organization or a medium and big organization. Smaller organizations have other options which are available to them that might be more appropriate. Companies should assess the product before it's brought on, as the cost is high. Businesses need to check their budget around that, and whether it will be flexible or not. It's also important to have a proper engineering and design team to implement that product. I'd rate the solution at a nine out of ten overall.
Regional Director, Customer Success (GTM Solutions & Services) at a tech services company with 51-200 employees
MSP
2021-04-16T12:03:35Z
Apr 16, 2021
We have the solution integrated into our QRadar. In the time we've used it, from what I've experienced, I'd rate the product at an eight out of ten. We've had a very positive experience. I would recommend the solution to other companies.
Network Security Engineer at a tech services company with 201-500 employees
Real User
2020-11-04T15:41:37Z
Nov 4, 2020
For each SOC and MSS environment, I would recommend using Cortex XSOAR for better productivity, scalability, performance, and efficiency. A lot of manual work is happening right now, and that could be avoided. People can be utilized for more productive work. I would rate Palo Alto Network Cortex XSOAR an eight out of ten.
Palo Alto Networks delivers a complete solution that helps Tier-1 through Tier-3 analysts and SOC managers to optimize the entire incident life cycle while auto documenting and journaling all the evidence. More than 100+ integrations enable security orchestration workflows for incident management and other critical security operation tasks.
Palo Alto Networks Cortex XSOAR is a piece of Security Orchestration, Automation, and Response software that redefines what it means for a program to...
To create your own customized playbooks, it's important to be well-versed with Python. I'd rate the solution ten out of ten.
Overall, I would rate it a nine out of ten. The main drawbacks are the dashboard and reporting features—they could be better. Also, the user licensing fee is quite high. Apart from that, I don't think there are any major issues. If we’re paying for premium support, they should consider providing some complimentary private keys or licenses. It's like buying an Amazon Fire Stick and expecting free Amazon Prime and Netflix for a few days. But they’re not giving anything for free. I would recommend this product to other users, if they have a decent budget to spend. Further, I would advise to ensure your processes are robust. Once your process is stable, you can buy XSOAR, and it can do wonders. It's just a tool, after all.
I work with a distributor. I recommend the product to my customers. I'm really satisfied with the tool. It's a very nice tool. It can work and give us what we need. We just need to be patient and learn how it works. The incidents can be handled very easily. Overall, I rate the product a nine out of ten.
I recommended Palo Alto Networks Cortex XSOAR to a friend, and they have been using it to access and respond to issues in their data center. So far, there have been no complaints, not even worth mentioning. They also requested repairs through the platform. The playbook is very good and user-friendly compared to IBM. There are always things missing in some of the boxes. In some instances, there appears to be a leak. There are inconsistencies. Solutions like Palo Alto Networks Cortex XSOAR or similar products are necessary. Overall, I rate the solution an eight out of ten.
It's a very stable product, definitely worth the investment. You won't regret your spending. Overall, I would rate the solution a nine out of ten. The only reason it loses a point is the support team. Their performance hasn't reached the same level as other Palo Alto offerings.
The product is perfectly suitable for enterprise customers. We can achieve whatever playbooks we want to deploy. The stability is really good. We need the right professional services person who can finish the project on time. Overall, I rate the tool a nine out of ten.
Overall, I would rate the solution an eight out of ten. My advice to new users would be to plan ahead before implementing Cortex XSOAR. Understand your use cases well and have a solid strategy because the implementation is an ongoing process that you can always improve. Consider creating an adoption plan for what you will do this year and next year in terms of integration and use cases. Keep it user-friendly and introduce use cases gradually to your team instead of overwhelming them all at once. It's about taking steps to make it effective over time.
I rate the overall solution an eight out of ten.
Overall, I would rate the product as an eight out of ten.
I rate the solution a nine out of ten.
I would definitely recommend the product to others. Overall, I rate the product a nine out of ten.
I rate the solution an eight.
Overall, I rate the solution a nine out of ten.
I rate the solution a seven out of ten. The solution is good, but its performance and customization can be improved. I advise new users to understand their use cases. For example, suppose somebody is starting with highly customizable options and wants more agility to go to a micro level. In that case, I will still recommend people start with XSOAR, understand the environment, and then go to Sentinel. But it could also be done differently. It depends on the company's objective, so if you look at it as we started with Cortex a couple of years before. And now, looking forward and at compelling factors, we are moving to Microsoft.
The solution is a good product that would be even better if technical support is improved and prices are discounted. Support is very important because there is a lot of follow up after implementations to properly manage changes and issues. I rate the solution a six out of ten.
I rate Palo Alto Networks Cortex XSOAR seven out of 10. Since we installed it, we've never had a significant infection, so it has protected the computers. We're not using an antivirus solution. All we use is traps in Cortex, and it's stepped up to the plate there. I can't complain about the capabilities. My advice for anyone using XSOAR is to normalize the installation platform and ensure you have some type of fallback platform, so clients can be prepared to update no matter what platform they were using when they started.
I would rate Palo Alto Networks Cortex XSOAR an eight out of ten.
I'd recommend the solution. I would rate it ten out of ten.
We were a reseller. I'm not sure which version of the solution we're using. It might be behind a version or two. Demisto has been purchased by Palo Alto. There's a difference in versions between the organizations. The latest version is not defined by the organization. Potential users should not purchase this product. They decommissioned the product, and it is now at end of life. I'd rate the solution three out of ten. It was sold to another company and decommissioned.
This is a SaaS product. I’d rate the solution nine out of ten.
I rate Palo Alto Networks Cortex XSOAR a ten out of ten.
I would give Cortex SOAR a rating of eight out of ten.
I rate Palo Alto Networks Cortex XSOAR eight out of 10. I would recommend it to others.
I rate Palo Alto Networks Cortex XSOAR a nine out of ten.
I would rate Palo Alto a nine out of ten. My advice would be to do the same type of research I did to ensure that it's the appropriate fit for your use case. If it's an organization that has an already existing incident management system, make sure that you can customize it so you can reduce the learning curve for your investigators in order to be able to transition from your old IMS over to the new IMS, which would be XSOAR. That's the reason why I took so much time in order to ensure that the customization was there in order to allow me to mimic what we already had in IMS and transition that over to XSOAR. That way, the investigators had a lot less of a learning curve. The only learning curve they had was, "Here's the investigation tab. There's all the data that you need in order to make your verdict. Make your verdict." But as far as writing all the reports, call-down lists, and all that other stuff, that's all part of our original process that I transitioned over to XSOAR.
Have a very good understanding of what you want to automate. Define the process and make sure the integrations you need are available out of the box. I would also suggest starting simple. Try easy use cases first and until you feel confident before you get into more complex use cases. I would rate Palo Alto Networks Cortex XSOAR a nine out of ten.
I'm not sure which version of the solution we're using at this time. I'd rate the solution at an eight out of ten. We've been quite pleased with its capabilities. The only thing is it is pretty expensive. I'd recommend other users work both with Palo Alto and Fortinet. They are great together. They compliment each other nicely.
I would recommend this solution to those that already have a SOC or a NOC. It will enhance their logs and XSOAR will handle their internet activities. If they are not involved with SOCs or NOCs then I do not think they require this solution. I rate Palo Alto Networks Cortex XSOAR an eight out of ten.
We are a partner for Palo Alto. I have been certified with them. I did certifications around their certificates when they were Demisto, however, right now, we are Palo Alto partners. It's not a SIEM product, however, it's a next-gen automation platform for SIEM SOC services. I'd advise companies considering the solution to assess the existing environment before they go ahead and choose something. This solution is basically built for a vast organization or a medium and big organization. Smaller organizations have other options which are available to them that might be more appropriate. Companies should assess the product before it's brought on, as the cost is high. Businesses need to check their budget around that, and whether it will be flexible or not. It's also important to have a proper engineering and design team to implement that product. I'd rate the solution at a nine out of ten overall.
We have the solution integrated into our QRadar. In the time we've used it, from what I've experienced, I'd rate the product at an eight out of ten. We've had a very positive experience. I would recommend the solution to other companies.
For each SOC and MSS environment, I would recommend using Cortex XSOAR for better productivity, scalability, performance, and efficiency. A lot of manual work is happening right now, and that could be avoided. People can be utilized for more productive work. I would rate Palo Alto Network Cortex XSOAR an eight out of ten.
Demisto is a product that I recommend. I would rate this solution an eight out of ten.