Find out what your peers are saying about Splunk, IBM, Wazuh and others in Security Information and Event Management (SIEM).
We are positioning Palo Alto Networks Cortex XSOAR, which can be used in the SOC and do a lot of automation for the customer.
With premium support, core Palo Alto technical experts handle issues directly.
It is ineffective in terms of responding to basic queries and addressing future requirements.
The Palo Alto support team is fully responsive and helpful.
Eight out of ten times, they provide valuable help.
Their support has been better than Anomali's and they are more responsive.
The technical support provided by Palo Alto Networks Cortex XSOAR is good.
Without proper integration, scaling up with more servers is meaningless.
Cortex XSIAM is highly scalable.
The scalability of Palo Alto Networks Cortex XSOAR supports our growth and security needs because we can integrate various tools and continuously add more capability.
Palo Alto Networks Cortex XSOAR has very good application capabilities and is highly scalable.
The issues with scalability arise from the speed of some integrations, as not all are perfectly tuned by Palo.
The product was easy to install and set up and worked right.
Overall, Cortex XSIAM is stable.
It works really nice and performs really efficiently after configuration.
The system works smoothly even when I navigate deep into the playbook section.
I would rate the stability and reliability of Palo Alto Networks Cortex XSOAR as a nine.
Obtaining validation for integrations from Palo Alto takes around eight months, which is quite long.
Cortex XSIAM needs improvements in terms of data onboarding, parsers, and third-party integration supports.
Cortex XSIAM is on the expensive side and requires substantial improvement in pricing.
The deployment requires integration and the development of integration modules.
One of the significant issues we encounter is system slowdown when we receive an influx of alerts, which inhibits how quickly we can access the information needed for investigation.
To improve the solution, it needs to have complete features that are low-code, no-code, and should be plug-and-play.
The first impression is that XSIAM would be more expensive than others we tried.
The product is very expensive.
Cortex XSIAM is pretty expensive, and the licensing process is not very comfortable.
For customers, it is zero versus $20 million, which is why they have to make a decision.
The advanced visualization capabilities of the product are important for understanding security trends in an organization.
One of the valued aspects of the product is its use of artificial intelligence to detect security vulnerabilities.
The flexibility for creating manual workflows stands out.
Execution of automatic tasks for collecting, enriching, and correlating security events from hundreds of different technologies.
If I already have an established process, I do not have to change my process to fit into the tool. I can modify the tool to fit into my process, which makes things considerably easier.
We have implemented automation features, such as automated responses to email threats and automatic configuration of target devices for blocking specific IPs.
| Product | Mindshare (%) |
|---|---|
| Cortex XSIAM | 1.8% |
| Splunk Enterprise Security | 7.1% |
| IBM Security QRadar | 5.2% |
| Other | 85.9% |
| Product | Mindshare (%) |
|---|---|
| Palo Alto Networks Cortex XSOAR | 8.8% |
| Microsoft Sentinel | 10.1% |
| Splunk SOAR | 7.4% |
| Other | 73.7% |
| Company Size | Count |
|---|---|
| Small Business | 9 |
| Midsize Enterprise | 2 |
| Large Enterprise | 4 |
| Company Size | Count |
|---|---|
| Small Business | 21 |
| Midsize Enterprise | 9 |
| Large Enterprise | 26 |
Cortex XSIAM acts as a critical element for SOC foundations, integrating SIEM and EDR capabilities, valued for threat detection and seamless security orchestration with Palo Alto Networks products.
Organizations find Cortex XSIAM beneficial for SOC foundations due to its capability to integrate SIEM and EDR tools, facilitating data collection, detection, and response. It connects with third-party data sources while reducing management effort and offering cost-effective alternatives to competitors like CrowdStrike and Trend Micro. Featuring automation and integration with Palo Alto Networks products, Cortex XSIAM enhances threat detection. Unified architecture allows a comprehensive view of attacks, further supported by machine learning and integration with existing vendor solutions, ensuring that users gain insights without significant manual log analysis.
What are Cortex XSIAM's key features?
What benefits are evident in Cortex XSIAM reviews?
Industries implement Cortex XSIAM mainly in technology-driven sectors where centralized endpoint protection and automation of forensic investigation are paramount. By integrating several third-party systems for incident response, companies in competitive markets leverage its attributes for heightened operational security efficiency. However, users note areas for improvement, such as Attack Surface Management and integration enhancements, to better suit tech-heavy industries needing extensive connectivity with cybersecurity solutions.
Palo Alto Networks Cortex XSOAR enhances security operations automation and integration. Users rely on its incident management capabilities and machine learning to improve response times and efficiency.
Cortex XSOAR stands out for its capability to automate and orchestrate security tasks through customizable playbooks and robust third-party integrations. Its analytics offer insights into incidents, while machine learning prioritizes alerts and reduces false positives. Despite its powerful features, users note room for improvement in documentation, interface design, and integration capabilities. Cost and complexity in setup and deployment are also concerns. Users in security operations centers benefit significantly from automated data enrichment, streamlined incident response, and efficient handling of threats like phishing and endpoint management.
What are the key features of Cortex XSOAR?Cortex XSOAR is implemented across industries for automating and streamlining security operations. Organizations use it to create playbooks, integrate with security tools, and automate repetitive tasks, thereby improving the efficiency of their security operations centers and incident management processes.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
