


Palo Alto Networks Cortex XSOAR and AWS Security Hub compete in the dynamic security orchestration and cloud security management market. Cortex XSOAR appears to offer a more robust solution for integration and automation, catering effectively to mature SOC processes, while AWS Security Hub excels in native AWS ecosystem integration.
Features: Palo Alto Networks Cortex XSOAR offers strong automation capabilities, diverse integrations, and a vast library of customizable playbooks. It also benefits from stability and scalability, seamlessly integrating with third-party tools. AWS Security Hub boasts effective integration with AWS services, ensuring comprehensive cloud security management, especially within AWS ecosystems, and provides centralized alerts and analytics for AWS workloads.
Room for Improvement: Cortex XSOAR users point out the high cost and suggest improvements in integration with non-security and on-premise solutions along with more flexible customization options. AWS Security Hub could enhance integration with open-source and non-AWS solutions, improve its dashboard usability, and reduce false positives through better alert management.
Ease of Deployment and Customer Service: Palo Alto Networks Cortex XSOAR supports diverse deployment environments, including public, on-premises, and private clouds. However, its technical support receives mixed reviews. AWS Security Hub thrives in public cloud environments, with seamless AWS integration and positively rated technical support that aligns with AWS's customer service standards.
Pricing and ROI: Cortex XSOAR's high costs have been noted, especially post-acquisition, yet its automation may justify the expense for larger enterprises. AWS Security Hub is more budget-friendly with a flexible pay-as-you-go model, offering satisfactory ROI for AWS-reliant users while lacking cost competitiveness in non-AWS settings.
| Product | Mindshare (%) |
|---|---|
| Palo Alto Networks Cortex XSOAR | 8.8% |
| Torq | 3.7% |
| AWS Security Hub | 5.6% |
| Other | 81.9% |


| Company Size | Count |
|---|---|
| Small Business | 1 |
| Midsize Enterprise | 3 |
| Large Enterprise | 4 |
| Company Size | Count |
|---|---|
| Small Business | 9 |
| Midsize Enterprise | 5 |
| Large Enterprise | 14 |
| Company Size | Count |
|---|---|
| Small Business | 21 |
| Midsize Enterprise | 9 |
| Large Enterprise | 26 |
Torq is the enterprise AI SOC solution that effectively combines adaptive insights and automation to handle critical threats efficiently. It manages threat lifecycles, swiftly moving from triage to response, ensuring effective risk management.
Torq is designed to streamline security operations by aggregating telemetry across your security stack. It investigates significant risks and manages threats from triage to containment and remediation. This AI-driven tool enhances the capabilities of your SecOps team, allowing them to achieve more impactful results without introducing complicated processes.
What are the key features of Torq?In industries like finance and healthcare, Torq shows effectiveness by adapting to specific risk scenarios often encountered in these fields. Its integration with existing infrastructures makes it a valuable asset for maintaining stringent security standards, essential for protecting critical data and operations in diverse high-stakes environments.
AWS Security Hub provides multi-account management and compliance checks alongside integrations with AWS services and third-party tools. It centralizes vulnerability tracking and risk prioritization, delivering real-time alerts for proactive security management.
AWS Security Hub enhances cloud security management through a centralized dashboard that monitors infrastructure resources and compliance scores, ensuring adherence to AWS standards. With integrations for vulnerability detection and security posture management, users can streamline security operations. While the platform offers notable benefits, areas for improvement include customization options for findings suppression and integration with multi-cloud environments.
What are the key features of AWS Security Hub?Industries implementing AWS Security Hub leverage its capabilities for comprehensive security across multiple accounts and regions. Health, finance, and retail sectors benefit by automating compliance checks and monitoring security infrastructures. This service aids in identifying misconfigurations, tracking alerts, and ensuring infrastructure integrity during cyber incidents.
Palo Alto Networks Cortex XSOAR enhances security operations automation and integration. Users rely on its incident management capabilities and machine learning to improve response times and efficiency.
Cortex XSOAR stands out for its capability to automate and orchestrate security tasks through customizable playbooks and robust third-party integrations. Its analytics offer insights into incidents, while machine learning prioritizes alerts and reduces false positives. Despite its powerful features, users note room for improvement in documentation, interface design, and integration capabilities. Cost and complexity in setup and deployment are also concerns. Users in security operations centers benefit significantly from automated data enrichment, streamlined incident response, and efficient handling of threats like phishing and endpoint management.
What are the key features of Cortex XSOAR?Cortex XSOAR is implemented across industries for automating and streamlining security operations. Organizations use it to create playbooks, integrate with security tools, and automate repetitive tasks, thereby improving the efficiency of their security operations centers and incident management processes.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.