Try our new research platform with insights from 80,000+ expert users
Cortex XDR by Palo Alto Networks Logo

Cortex XDR by Palo Alto Networks Reviews

Vendor: Palo Alto Networks
4.2 out of 5
Badge Leader
Leave a review

What is Cortex XDR by Palo Alto Networks?

Cortex XDR by Palo Alto Networks delivers comprehensive endpoint security, integrating well with other systems to offer robust threat detection and real-time protection through AI-driven analytics.

Get the Cortex XDR by Palo Alto Networks Buyer's Guide and find out what your peers are saying about Cortex XDR by Palo Alto Networks, CrowdStrike Falcon, Wazuh and more!
Cortex XDR by Palo Alto Networks is the #2 ranked solution in top Ransomware Protection solutions, #4 ranked solution in top AI-Powered Cybersecurity Platforms solutions, #5 ranked solution in endpoint security software, and #7 ranked solution in XDR Security products. PeerSpot users give Cortex XDR by Palo Alto Networks an average rating of 8.4 out of 10. Cortex XDR by Palo Alto Networks is most commonly compared to CrowdStrike Falcon: Cortex XDR by Palo Alto Networks vs CrowdStrike Falcon. Cortex XDR by Palo Alto Networks is popular among the large enterprise segment, accounting for 54% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 13% of all views.
Buyer's Guide
Cortex XDR by Palo Alto Networks
September 2025
Get the report
Helped 867,021 peers since 2012

Featured Cortex XDR by Palo Alto Networks reviews

Read more reviews

Cortex XDR by Palo Alto Networks mindshare

Product category:
Endpoint Protection Platform (EPP)
As of September 2025, the mindshare of Cortex XDR by Palo Alto Networks in the Endpoint Protection Platform (EPP) category stands at 3.8%, down from 4.6% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Market Share Distribution
ProductMarket Share (%)
Cortex XDR by Palo Alto Networks3.8%
Microsoft Defender for Endpoint10.0%
CrowdStrike Falcon8.2%
Other78.0%
Endpoint Protection Platform (EPP)

PeerResearch reports based on Cortex XDR by Palo Alto Networks reviews

TypeTitleDate
CategoryEndpoint Protection Platform (EPP)Sep 11, 2025Download
ProductReviews, tips, and advice from real usersSep 11, 2025Download
ComparisonCortex XDR by Palo Alto Networks vs Microsoft Defender for EndpointSep 11, 2025Download
ComparisonCortex XDR by Palo Alto Networks vs CrowdStrike FalconSep 11, 2025Download
ComparisonCortex XDR by Palo Alto Networks vs SentinelOne Singularity CompleteSep 11, 2025Download
Suggested products
TitleRatingMindshareRecommending
CrowdStrike Falcon4.38.2%97%135 interviewsAdd to research
Wazuh3.7N/A80%48 interviewsAdd to research
 
 
Key learnings from peers

Valuable Features

Cortex XDR by Palo Alto Networks offers robust endpoint and network protection through features like advanced threat detection, behavioral analytics, machine learning, and AI-driven insights. It integrates seamlessly with firewalls and provides a user-friendly interface, remote access, and incident response capabilities. Users appreciate Wildfire, sandboxing, and correlation features for managing and investigating events. The tool's cloud-based architecture ensures easy deployment and scalability, offering enhanced security without heavy resource consumption.
  • "Based on my experience, I would recommend Cortex XDR by Palo Alto Networks to other people."
  • "On a scale from one to ten, I would rate Cortex XDR by Palo Alto Networks a nine."
  • "Cortex XDR is stable, offering high quality and reliable performance."

Room for Improvement

Cortex XDR by Palo Alto Networks can improve in areas such as integration challenges, customization, and user-friendliness, including the need for more intuitive dashboards. Performance issues are prevalent, with users reporting high resource consumption that impacts system responsiveness. The absence of certain features like real-time monitoring, advanced reporting capabilities, and DLP is noted. Pricing is considered high, hindering competitiveness, and license inconsistency leads to customer dissatisfaction. Enhanced compatibility with third-party products is desired.
  • "They are charging for Network Traffic Analyzer (NTA) services, so if the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better."
  • "I recommend adding a data loss prevention (DLP) solution to Cortex XDR by Palo Alto Networks. The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products."
  • "Cortex XDR could improve its sales support team, including better commission structures and referral programs."

ROI

Users experience significant ROI with Cortex XDR by Palo Alto Networks through reduced malware incidents and compliance costs. The platform blocks harmful files, offers robust threat detection, and enhances user satisfaction. Organizations report cost savings from decreased breach management efforts. Cortex XDR integrates multiple security functions, lessening administrative tasks and improving cybersecurity infrastructure, which is particularly valuable for software companies prioritizing data security. Enhanced performance from increased delivery time further underscores its value.

Pricing

Enterprise users indicate that Cortex XDR by Palo Alto Networks has a flexible licensing model that can accommodate varying needs, but its pricing tends to be high compared to competitors. Costs can range from approximately $20 to $90 USD per endpoint annually, depending on the chosen license type. While some find the pricing reasonable for its features and cloud integration, others, especially in certain regions, find it expensive. Renewal and setup fees are additional considerations for organizations.
  • "The tool's price is moderate."
  • "Compared to CrowdStrike, Cortex XDR is an expensive solution."
  • "The cost depends on your chosen license type, like Pro or other licenses."

Popular Use Cases

Cortex XDR by Palo Alto Networks is primarily used for endpoint protection. Organizations utilize it for detecting and blocking malware, and ransomware, and ensuring comprehensive security through threat detection and response on endpoints and servers. They report its integration capabilities with firewalls and its proficiency in monitoring, securing, and creating alerts for suspicious activities. Its use extends to logging, analyzing, and mitigating threats using advanced behavioral analytics across various environments.

Service and Support

Customer service for Cortex XDR by Palo Alto Networks is described as responsive and knowledgeable, though some report delays and language barriers. Support quality varies by region, with North American teams rated highly. Complex or global issues sometimes require escalation, leading to slower resolutions. Many find support adequate, but satisfaction can depend on the problem's complexity and the escalator's contact level. Some desire improved live support and deeper expertise in endpoint protection.

Deployment

Cortex XDR by Palo Alto Networks is generally straightforward to set up, with many finding it easy to deploy, especially in cloud environments. Some installations only take a few hours, while more complex environments might require additional time for complete deployment. The tool's flexibility allows users to activate and configure features as needed, and it often needs minimal personnel for setup and ongoing maintenance. Dynamic updates and cloud-based management simplify the process further.

Scalability

Cortex XDR by Palo Alto Networks is recognized for its impressive scalability, capable of seamlessly expanding to accommodate thousands of users across diverse roles and institutions. Organizations praise its effortless deployment and cloud-based architecture, enabling significant growth without performance issues. Many utilize it across various platforms, highlighting its adaptability and flexibility in managing large volumes of data efficiently. Most agree that it scales excellently with minimal intervention, proving beneficial for expansive enterprises.

Stability

Cortex XDR by Palo Alto Networks is widely regarded as stable. Users highlight its consistent performance and reliability. Though some bugs and issues occasionally arise, prompt resolution is common. Deployments are straightforward and resource requirements are minimal. Feedback indicates that upgrades bring refinements, improving functionality over time. Utilizing all features effectively, clients appreciate its robust performance and minimal downtime. Configuration is user-friendly, supporting efficient management despite occasional hiccups with alerts or database challenges.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Cortex XDR by Palo Alto Networks Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company SizeCount
Small Business39
Midsize Enterprise18
Large Enterprise30
By reviewers
By visitors reading reviews
Company SizeCount
Small Business818
Midsize Enterprise480
Large Enterprise1521
By visitors reading reviews

Top industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
9%
Manufacturing Company
8%
Government
7%
Comms Service Provider
6%
University
5%
Healthcare Company
4%
Retailer
4%
Educational Organization
4%
Energy/Utilities Company
3%
Construction Company
3%
Insurance Company
3%
Real Estate/Law Firm
3%
Non Profit
3%
Performing Arts
3%
Media Company
3%
Outsourcing Company
2%
Wholesaler/Distributor
2%
Recreational Facilities/Services Company
2%
Hospitality Company
2%
Transportation Company
2%
Legal Firm
1%
Pharma/Biotech Company
1%
Recruiting/Hr Firm
1%
Logistics Company
1%
Consumer Goods Company
1%

Compare Cortex XDR by Palo Alto Networks with alternative products

Go!

Learn more about Cortex XDR by Palo Alto Networks

Cortex XDR by Palo Alto Networks offers advanced endpoint protection and threat detection through AI and behavior-based analytics. Its user-friendly design simplifies integration with firewalls, delivering multi-layered protection with low resource consumption. Valued for policy management, USB control, and incident correlation, Cortex XDR enhances threat management and real-time threat hunting capabilities. However, users note challenges with third-party integration, reporting, and dashboard automation. Agent performance across operating systems and memory consumption are areas for improvement, alongside reducing false positives and simplifying endpoint management and setup.

What features does Cortex XDR offer?
  • Behavior-Based Detection: Analyzes user behavior to identify suspicious activities.
  • AI Analytics: Utilizes AI for accurate threat detection and response.
  • Real-Time Protection: Provides immediate defense against threats.
  • Policy Management: Allows customization of security policies across endpoints.
  • USB Control: Regulates USB device access for added security.
  • Incident Correlation: Connects and analyzes various security events for better response.
  • Firewall Integration: Seamlessly works with firewalls for enhanced security.
  • Machine Learning Capabilities: Continuously improves threat detection precision.
What benefits should be considered in reviews?
  • Low Resource Consumption: Efficient security functions without taxing system resources.
  • Multi-Layered Protection: Comprehensive security across multiple attack vectors.
  • User-Friendly Interface: Intuitive design for easier management.
  • Enhanced Threat Management: Identifies and mitigates threats effectively.
  • Real-Time Threat Hunting: Proactively searches for and mitigates potential threats.

Cortex XDR is crucial in industries requiring robust endpoint protection, such as finance, healthcare, and technology. It supports malware detection, behavioral analysis, and ransomware mitigation across endpoints, including remote work environments, providing comprehensive threat visibility and security policy management. The solution's integration with firewalls and specialized industry requirements enhances security posture in diverse operational settings.

Cortex XDR by Palo Alto Networks was previously known as Cyvera, Cortex XDR, Palo Alto Networks Traps.

Cortex XDR by Palo Alto Networks customers

CBI Health Group, University Honda, VakifBank

Related questions

  • 166
Which SIEM is best fit with Palo Alto Cortex XDR?
  • 77
Which product would you choose: Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks?
  • 89
Cortex XDR by Palo Alto vs. Sentinel One
  • 41
FortiXDR vs Cortex Pro - which is the best?
  • 112
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
  • 101
How is Cortex XDR compared with Microsoft Defender?
  • 13
Which is better - Cortex XDR or Symantec End-User Endpoint Security?
  • 8
How would you compare BlackBerry Protect vs Cortex XDR by Palo Alto Networks?
  • 759
What is the biggest difference between EPP and EDR products?
  • 70
Can Cylance be used with Symantec or Kaspersky endpoint solutions without conflict?

Product Categories

Product Categories
Endpoint Protection Platform (EPP)
Extended Detection and Response (XDR)
Ransomware Protection
AI-Powered Cybersecurity Platforms

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Wazuh vs Cortex XDR by Palo Alto Networks Logo
Wazuh vs Cortex XDR by Palo Alto Networks
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Microsoft Sentinel vs Cortex XDR by Palo Alto Networks Logo
Microsoft Sentinel vs Cortex XDR by Palo Alto Networks
Darktrace vs Cortex XDR by Palo Alto Networks Logo
Darktrace vs Cortex XDR by Palo Alto Networks
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks Logo
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks
Microsoft Defender XDR vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender XDR vs Cortex XDR by Palo Alto Networks
IBM Security QRadar vs Cortex XDR by Palo Alto Networks Logo
IBM Security QRadar vs Cortex XDR by Palo Alto Networks
HP Wolf Security vs Cortex XDR by Palo Alto Networks Logo
HP Wolf Security vs Cortex XDR by Palo Alto Networks
Fortinet FortiClient vs Cortex XDR by Palo Alto Networks Logo
Fortinet FortiClient vs Cortex XDR by Palo Alto Networks
Elastic Security vs Cortex XDR by Palo Alto Networks Logo
Elastic Security vs Cortex XDR by Palo Alto Networks
Tanium vs Cortex XDR by Palo Alto Networks Logo
Tanium vs Cortex XDR by Palo Alto Networks
Trellix Endpoint Security Platform vs Cortex XDR by Palo Alto Networks Logo
Trellix Endpoint Security Platform vs Cortex XDR by Palo Alto Networks
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks Logo
Symantec Endpoint Security vs Cortex XDR by Palo Alto Networks
Varonis Platform vs Cortex XDR by Palo Alto Networks Logo
Varonis Platform vs Cortex XDR by Palo Alto Networks
See all alternatives
 
Cortex XDR by Palo Alto Networks Reviews Summary
Author infoRatingReview Summary
Cyber Security Manager at Welab bank4.5As a cybersecurity manager with experience in Cortex XDR by Palo Alto Networks, I value its advanced threat detection and user-friendly GUI. While it offers a good ROI, improvements in sales support and expanded AI features would enhance its effectiveness.
Cyber Security Information Security Specialist at MHM Holding GmbH4.5I've found Cortex XDR effective for advanced threat detection, especially its behavioral engine and logging. It's stable, easy to deploy, integrates well, and offers good ROI, though the NTA pricing could be improved.
Pre-Sales Architect at network techlab4.5I work with Cortex XDR by Palo Alto Networks for its next-gen antivirus and threat prevention. It offers valuable automation and analytics but needs improvements like data loss prevention and multi-tenancy features. Its compliance capabilities enhance cost-saving returns.
Technical Specialist at HCL Technologies4.5I use Cortex XDR in my company to protect clients from unknown malware as an antivirus, EDR, and XDR solution. It excels in threat detection but needs improvement, as new versions sometimes cause CPU usage issues during deployment.
Cyber Security Analyst at HALA INFOSEC4.0We utilize Cortex XDR to monitor network and endpoint security, finding it valuable for its detailed information and ability to connect with host servers, networks, and proxies. It compares favorably with CrowdStrike, though improvements are needed in blocklisting malicious content.
Head Of Information Technology at Diha Travels and Tours Limited4.5I use Cortex XDR for incident detection and response at my company. Its real-time network visibility helps detect threats early, though it could improve in managing alerts and reporting. A built-in compliance framework would enhance its value.
Senior Security Consultant at helpag5.0Our company uses Cortex XDR for endpoint protection and compliance, integrating with Palo Alto's firewall for enhanced visibility. It's effective but needs mandatory network integration and an on-premises option for full XDR benefits and broader vendor compatibility.
Sr. Endpoint Security Engineer at iOPEX Technologies4.5As a tech support engineer working with Cortex XDR, I find the Broker VM feature invaluable. However, feature improvements are needed, especially in malware detection, as slow investigations and occasional misidentifications can frustrate customers and require version changes.