No more typing reviews! Try our Samantha, our new voice AI agent.

Cortex Xpanse vs Darktrace comparison

Palo Alto Networks and Darktrace are both solutions in the Attack Surface Management (ASM) category. Palo Alto Networks is ranked #7 with an average rating of 8.5, while Darktrace is ranked #4 with an average rating of 8.1. Palo Alto Networks holds a 2.9% mindshare in ASM, compared to Darktrace’s 4.5% mindshare. Additionally, 100% of Palo Alto Networks users are willing to recommend the solution, compared to 95% of Darktrace users who would recommend it.
Cortex Xpanse
Read 6 Cortex Xpanse reviews
  • 1,791 Views
  • 1,773 Comparison Views
100% willing to recommend
Darktrace
Read 84 Darktrace reviews
  • 24,919 Views
  • 2,741 Comparison Views
95% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Mar 29, 2026

Darktrace and Cortex Xpanse compete in the network security category. Darktrace seems to have the upper hand due to its advanced AI and comprehensive network monitoring capabilities.

Features: Darktrace utilizes advanced AI for creating actionable alerts and learning user behavioral patterns, providing comprehensive network visibility. Its integrated AI offers real-time monitoring and threat detection across multiple platforms, and includes automated Antigena response technology. Cortex Xpanse focuses on attack surface management, digital brand protection, and vulnerability reporting, excelling in identifying exposed assets and monitoring external perceptions, including Dark Web activities.

Room for Improvement: Darktrace could enhance handling of false positives and improve integration capabilities, particularly concerning endpoint protections. Simplifying the configuration process and addressing pricing concerns could be beneficial. Cortex Xpanse needs to improve cloud connectivity and dashboard customization, as well as expand intelligence features for better adversary visibility.

Ease of Deployment and Customer Service: Darktrace offers multiple deployment options, including on-premises and hybrid cloud environments. Users generally have positive experiences with its responsive technical support, despite some deployment complexities. Cortex Xpanse is praised for adaptable deployment types, such as hybrid and public cloud options, though improvements in support responsiveness and integration are needed.

Pricing and ROI: Darktrace is viewed as expensive but worth the investment due to its capabilities and coverage, offering a high return on investment by effectively mitigating threats. Cortex Xpanse, though slightly more expensive than solutions like Sophos, is seen as a wise investment for its advanced attack surface management capabilities, providing substantial ROI through increased security and risk management.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cortex Xpanse vs. Darktrace Report (Updated: April 2026).
Buyer's Guide
Cortex Xpanse vs. Darktrace
April 2026
Download the complete report
Helped 893,221 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex Xpanse
Ranking in Attack Surface Management (ASM)
7th
Average Rating
8.8
Reviews Sentiment
7.2
Number of Reviews
6
Ranking in other categories
No ranking in other categories
Darktrace
Ranking in Attack Surface Management (ASM)
4th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
84
Ranking in other categories
Email Security (9th), Intrusion Detection and Prevention Software (IDPS) (2nd), Network Traffic Analysis (NTA) (1st), Network Detection and Response (NDR) (1st), Extended Detection and Response (XDR) (7th), Cloud Security Posture Management (CSPM) (10th), Cloud-Native Application Protection Platforms (CNAPP) (9th), AI-Powered Cybersecurity Platforms (5th), AI Observability (6th)
 

Mindshare comparison

As of May 2026, in the Attack Surface Management (ASM) category, the mindshare of Cortex Xpanse is 2.9%, down from 4.2% compared to the previous year. The mindshare of Darktrace is 4.5%, down from 11.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Attack Surface Management (ASM) Mindshare Distribution
ProductMindshare (%)
Darktrace4.5%
Cortex Xpanse2.9%
Other92.6%
Attack Surface Management (ASM)
 

Featured Reviews

reviewer1442496 - PeerSpot reviewer
reviewer1442496
System Administrator at a retailer with 5,001-10,000 employees
Ensures robust security management with seamless integration
We work with the cloud version of Cortex Xpanse. We are working with Palo Alto products right at the moment. We have Cortex and GlobalProtect that we are using. I'm not sure if we utilize Cortex Xpanse's capability to identify internet-facing assets. I'm not sure about the automated threat assessment of Cortex helping prioritize vulnerabilities. I would assess the integration capabilities of Cortex Xpanse as good; no issues so far with integration with other tools from different vendors. Cortex Xpanse supports our organization's regulatory compliance efforts 100%, and it's what we need from it. Right now, I am working only with Palo Alto for security. I am not planning to work with some other vendors. On a scale of one to ten, I rate Cortex Xpanse a nine.
Read full review
AM
Anil M
Technical Consultant - Unix Platform Services at BITS AND BYTE IT CONSULTING PVT LTD
Consistent threat hunting and anomaly detection deliver valuable insights for network security management
In terms of improvement for Darktrace, pricing is the main concern. Pricing bothers me and this is one of the major factors when choosing a solution. When we get feedback from customers, that's the only felt need. When we factor in Darktrace, we do it only limited. We put it on where the perimeters and connections are, but still, some gray areas are left out, especially if we have multiple branches. We need Darktrace on each branch to get the data out, and I suggest having some kind of a centralized product that gets data from multiple sources to aggregate and provide the data.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable aspect is its ability to catch trojans and malware."
"The most valuable features of the solution are its firewall and antivirus."
"The most valuable aspect is its ability to catch trojans and malware."
"The best feature of the product is that it's easy to manage when we have set it up, and the beneficial impact of Cortex Xpanse for the company is security."
"Cortex Xpanse has an easy-to-use user interface."
"As an attack surface manager, I highly recommend Cortex Xpanse, especially if there are many services exposed publicly on the internet."
"Cortex Xpanse is a strong solution for attack surface management, including digital brand protection and continuous monitoring."
"When there is an alert from Cortex Xpanse regarding a certificate or surface, it prompts us to take immediate action."
"Darktrace is extremely stable."
"It provides a comprehensive, detailed view of network activity and whatever is happening inside it."
"I would 100% recommend Darktrace."
"I highly recommend the overall solution to other users and rate it as nine out of ten."
"One member of staff is enough for deployment and maintenance because Darkforce is AI-driven; it does a lot of things by itself."
"Darktrace's most valuable features are that it understands the network environment and is able to trace the traffic and alert on anomalies."
"Implementing this solution has given us confidence that we are secure."
"I have used multiple solutions, but its graphical user interface is quite interesting and quite descriptive, with a lot of video animations where we can easily see how the data is transferred between various points, and it is also quite easy to understand for a new user."
More Darktrace pros
 

Cons

"Cortex Xpanse should offer better customization and configuration options on its dashboard."
"Cortex Xpanse needs to add dark-web scanning."
"Some improvements are needed in the user interface."
"It's challenging to confirm the absolute coverage and penetration of Cortex Xpanse into the Dark Web. The solution lacks comprehensive intelligence on adversaries and risks, which other competitors might provide."
"Regarding technical support, I would rate it as a seven."
"There is an issue with the old versions of Cortex, and so when we have an older one with Windows or any OS, we have a problem with its connectivity with the cloud."
"Cortex Xpanse should offer better customization and configuration options on its dashboard."
"Some improvements are needed in the user interface. It may require more enhancements."
"It would be helpful if they could recognize incidents and simplify the customer's challenge to identify what is happening."
"It is expensive, but everything else has been great so far."
"Darktrace is a closed technology, meaning we know very little about how it works, including the architecture, which is significant. As a result, when we implement the system and find we're getting many false positives, we have minimal insight into why it's happening and what we can do to fix it. We don't know how the solution is configured, the criteria for threats to be determined, or the product's inner workings. We understand that they have to ensure privacy and their copyright, but we want to see some documentation or public research into the security Darktrace provides."
"I would like to see a feature where the tool ingests information from an anti-malware product that is present at the endpoint."
"I believe their network monitoring device licensing module could use some improvement."
"Darktrace could improve its features, such as monitoring and detecting ransomware."
"The user interface and the configuration are a bit complex and should be improved or simplified."
"The pricing is based on the number of endpoints, so the program is rather expensive."
More Darktrace cons
 

Pricing and Cost Advice

"Cortex Xpanse is cheaper than other solutions."
"The tool's cost is too high."
"Darktrace is expensive. You can pay for the license yearly."
"Darktrace is pricey, but the price is reasonable for what the solution does, and it's comparable to other products."
"We had an issue with pricing initially and had to cancel some of the features of the projects to fit the budget. I would like to see pricing that is not broken up into parts so that we can buy the whole package once. Darktrace is more expensive than an average solution, but it's functionality won't match that of an average solution."
"All of the other modules, such as the licensing modules, are on par. It's one for one."
"I am using a demo of Darktrace for deployment and testing which is free."
"The solution is about $6,000 per quarter."
"Darktrace is quite an expensive solution."
"The pricing is expensive. It costs over $100,000 a year."
More Darktrace pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Attack Surface Management (ASM) solutions are best for your needs.
See recommendations
893,221 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Financial Services Firm
11%
Government
10%
Performing Arts
8%
Manufacturing Company
9%
Computer Software Company
9%
Financial Services Firm
9%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business45
Midsize Enterprise19
Large Enterprise29
 

Questions from the Community

What is your experience regarding pricing and costs for Cortex Xpanse?
I don't know the licensing or setup cost; I have no idea about the cost.
See all answers
What needs improvement with Cortex Xpanse?
I'm not sure right now; I have nothing to comment on regarding what could be improved in the product. We are using it and we are satisfied. I have nothing to comment right now on what other feature...
See all answers
What is your primary use case for Cortex Xpanse?
Cortex Xpanse is usually used for security from clients.
See all answers
How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing user interface that makes setup easy and seamless. CrowdStrike Falcon offers a cl...
See all answers
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is meant for smaller to medium-sized businesses. It is also a good option for organ...
See all answers
What is your experience regarding pricing and costs for Darktrace?
Concerning pricing for the product, I would say it is somewhat expensive.
See all answers
 

Comparisons

Tenable Attack Surface Management vs Cortex Xpanse Logo
Tenable Attack Surface Management vs Cortex Xpanse
Compared 16% of the time
CyCognito vs Cortex Xpanse Logo
CyCognito vs Cortex Xpanse
Compared 11% of the time
Bitsight vs Cortex Xpanse Logo
Bitsight vs Cortex Xpanse
Compared 11% of the time
Mandiant Advantage vs Cortex Xpanse Logo
Mandiant Advantage vs Cortex Xpanse
Compared 6% of the time
CyberInt Argos vs Cortex Xpanse Logo
CyberInt Argos vs Cortex Xpanse
Compared 4% of the time
More Cortex Xpanse Competitors
Vectra AI vs Darktrace Logo
Vectra AI vs Darktrace
Compared 6% of the time
CrowdStrike Falcon vs Darktrace Logo
CrowdStrike Falcon vs Darktrace
Compared 4% of the time
Cisco Secure Network Analytics vs Darktrace Logo
Cisco Secure Network Analytics vs Darktrace
Compared 3% of the time
SentinelOne Singularity Endpoint vs Darktrace Logo
SentinelOne Singularity Endpoint vs Darktrace
Compared 2% of the time
ExtraHop Reveal(x) vs Darktrace Logo
ExtraHop Reveal(x) vs Darktrace
Compared 2% of the time
More Darktrace Competitors
 

Product Reports

Buyer's Guide
Attack Surface Management (ASM)
April 2026
Cortex Xpanse reportDownload Cortex Xpanse product report
Buyer's Guide
Darktrace
May 2026
Darktrace reportDownload Darktrace product report
 

Overview

Cortex Xpanse offers comprehensive security by identifying trojans, malware, and unknown exposed assets while providing digital brand protection and monitoring, benefiting organizations of all sizes.

Cortex Xpanse provides robust threat detection and management with features like real-time reporting and asset discovery. Its antivirus and firewall enhance security, while dark web monitoring facilitates swift action on vulnerabilities and certificates. However, improvements in cloud connectivity and dark web scanning are needed. Enterprises, especially those with Security Operations Centers, find it useful for its installation ease, device control, and security measures, despite firewall complexity.

What are key features of Cortex Xpanse?
  • Digital Brand Protection: Shields the organization's digital brand from threats.
  • Continuous Monitoring: Observes activities for quick threat detection.
  • Real-Time Reporting: Provides timely security insights through user-friendly interfaces.
  • Asset Discovery: Identifies vulnerable assets for proactive management.
  • Firewall and Antivirus: Strengthens overall security posture.
What benefits and ROI should users consider?
  • Proactive Threat Management: Allows organizations to react swiftly to emerging threats.
  • Ease of Installation: Supports seamless deployment across networks.
  • Comprehensive Device Control: Ensures effective management and monitoring of devices.
  • Actionable Vulnerability Insights: Enhances security decision-making processes.

Cortex Xpanse is predominantly applied in large enterprises for safeguarding applications and databases against ransomware and malware. Organizations with Security Operations Centers leverage its customizable policies for client security and vulnerability remediation. It aids in managing attack surfaces as a proactive security strategy.

Palo Alto Networks

Darktrace revolutionizes network security with AI-driven alerts, anomaly detection, and robust visibility across networks. It autonomously detects threats, minimizing the need for human oversight, and offers efficient IP identification with minimal false positives.

Darktrace uses advanced AI analytics to enhance network protection. Its powerful real-time threat response capabilities and self-learning enable thorough monitoring and insightful analysis of network activities. While providing scalable and reliable security, users seek improvements in false positive reduction, user-friendly interfaces, and pricing. Enhanced third-party integration, more effective dashboards, and centralized automation features remain top priorities. Users benefit greatly from its Antigena feature, offering automated responses like blocking suspicious connections for robust network defense.

What Are Darktrace's Key Features?
  • AI-Driven Alerts: Provides real-time alerts for threat detection.
  • Anomaly Detection: Identifies unusual network activities with precision.
  • Real-Time Threat Response: Autonomously counteracts potential threats.
  • Comprehensive Monitoring: Offers detailed network activity insights.
  • Scalability: Adapts to expanding network environments effectively.
Which Benefits Should Users Consider in Reviews?
  • Stability: Reliable performance ensures constant protection.
  • Efficient Cloud Protection: Safeguards data across cloud infrastructures.
  • Intuitive Interface: Facilitates easy navigation and efficient operations.
  • Network Visibility: Enhances understanding of network traffic and activities.
  • Automated Threat Blocking: Quick response to potential network breaches.

In industries employing Darktrace, it is pivotal in securing LAN networks, analyzing behavioral patterns, and detecting internal and external threats. Adoption alongside platforms like F5 and SAP enhances incident response, traffic analysis, and threat identification, utilizing Antigena for proactive security measures.

Darktrace
 

Sample Customers

Information Not Available
Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol, Allianz, KKR, AIRBUS, dpd, Billabong, Mclaren Group.
Buyer's Guide
Cortex Xpanse vs. Darktrace
April 2026
Free Report: Cortex Xpanse vs. Darktrace
Find out what your peers are saying about Cortex Xpanse vs. Darktrace and other solutions. Updated: April 2026.
DOWNLOAD NOW
893,221 professionals have used our research since 2012.
See our Cortex Xpanse vs. Darktrace report.
See our list of best Attack Surface Management (ASM) vendors.

We monitor all Attack Surface Management (ASM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.