Try our new research platform with insights from 80,000+ expert users

Cortex XSIAM vs Torq comparison

The compared Palo Alto Networks and Torq solutions aren't in the same category. Palo Alto Networks is ranked #12 in SIEM , with an average rating of 8.4, and holds a 2.1% mindshare in the category. Torq is ranked #2 in APSA , with an average rating of 8.8, and holds a 31.9% mindshare. Additionally, 100% of Palo Alto Networks users are willing to recommend the solution, compared to 100% of Torq users who would recommend it.
Cortex XSIAM
Read 15 Cortex XSIAM reviews
  • 7,838 Views
  • 3,527 Comparison Views
100% willing to recommend
Torq
Read 5 Torq reviews
  • 2,079 Views
  • 1,393 Comparison Views
100% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive Summary
We performed a comparison between Cortex XSIAM and Torq based on real PeerSpot user reviews.

Find out what your peers are saying about Splunk, Wazuh, IBM and others in Security Information and Event Management (SIEM).

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Security Information and Event Management (SIEM) Report (Updated: February 2026).
Buyer's Guide
Security Information and Event Management (SIEM)
February 2026
Download the complete report
Helped 881,707 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XSIAM
Average Rating
8.6
Reviews Sentiment
6.7
Number of Reviews
15
Ranking in other categories
Security Information and Event Management (SIEM) (12th), Identity Threat Detection and Response (ITDR) (7th), AI-Powered Cybersecurity Platforms (7th)
Torq
Average Rating
8.6
Reviews Sentiment
5.9
Number of Reviews
5
Ranking in other categories
Security Orchestration Automation and Response (SOAR) (6th), AI-SOC (7th), AI-Powered Security Automation (2nd)
 

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Cortex XSIAM is designed for Security Information and Event Management (SIEM) and holds a mindshare of 2.1%, down 2.5% compared to last year.
Torq, on the other hand, focuses on AI-Powered Security Automation, holds 31.9% mindshare, down 41.6% since last year.
Security Information and Event Management (SIEM) Market Share Distribution
ProductMarket Share (%)
Cortex XSIAM2.1%
Splunk Enterprise Security7.1%
Wazuh6.4%
Other84.4%
Security Information and Event Management (SIEM)
AI-Powered Security Automation Market Share Distribution
ProductMarket Share (%)
Torq31.9%
Tines34.5%
Blink Ops12.4%
Other21.19999999999999%
AI-Powered Security Automation
 

Featured Reviews

reviewer2666148 - PeerSpot reviewer
reviewer2666148
Associate Director at a financial services firm with 5,001-10,000 employees
Integration challenges highlight the need for manual workflows
The standard integrations are very limited, and the integrations available are not listed in the marketplace. Obtaining validation for integrations from Palo Alto takes around eight months, which is quite long. The solution would benefit from having more standard playbooks and templates available, as in other partners. Currently, everything must be created from scratch. In terms of incident response automation, it is quite poor due to the lack of integration with all security tools, making manual intervention necessary.
Read full review
Nimrod Vardi - PeerSpot reviewer
Nimrod Vardi
Global IT Director at OpenWeb
Automation workflows have transformed our IT, enabling secure just-in-time access control
We work with them quite often, so we have a direct line regarding areas in Torq that have room for improvement. If we have a feature request, we can request it. I do not have anything in mind at the moment. We were a design partner for a short while, so we feel that they listen and that users of the system have an impact on the way the system is designed for the better. They have a new community, which is something that I personally suggested years ago. There are many people like me in different places and they might have already built the workflow that I need. Having the option to share workflows or to jump on a thread and say I have this need, did anyone ever build a workflow for it, is amazing. Someone would jump in and say yes, sure, here, take this workflow. I think this is an amazing thing and I really hope that the community will come alive because I think this is really powerful. This is something that I already suggested and it did happen eventually, and I am quite happy with it. I do not have any specific feature in mind that I have a need for at the moment.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The way the solution responds to detections and warnings is really impressive."
"It does a better job of identifying anomalies that are more likely to be incidents of compromise without as many false positives or false negatives."
"The most valuable feature is the integration capability."
"The most valuable features of Cortex XSIAM are the machine learning used to identify threats, the complexity of the environment of products, and efficiency."
"It operates on a single, extensive database which enables it to excel in detecting threats and anomalies across the network and endpoints, delivering a highly effective and comprehensive security solution."
"Since implementing Cortex XSIAM, incident response times have been significantly reduced by approximately twenty percent."
"It is an effective solution in terms of performance and functionalities."
"The most valuable aspect is that Cortex XSIAM doesn't generate excessive alerts, refines all search results effectively, and filters out incidents where SOC intervention isn't necessary, allowing engineers to focus only on what matters."
More Cortex XSIAM pros
"If I review about 100 vendors that I might work with, Torq is definitely in the top five that gave me personally investment back, just because every bit of effort I put into Torq eventually became a workflow that gave it back to me."
"Once I started to use the system and I saw the potential, it changed all of our work in IT."
"As an analyst, it has demonstrated potential to reduce workforce requirements and time needed for related activities."
"Using that one piece of AI, we auto-closed 511 cases in quarter four alone."
"What I appreciate most about Torq is that it is an essential part of our system."
 

Cons

"Cortex XSIAM needs improvements in terms of data onboarding, parsers, and third-party integration supports."
"Cortex XSIAM is on the expensive side and requires substantial improvement in pricing."
"The platform isn't very developer-friendly and it should provide more flexibility and ease."
"It could provide more integration with a large variety of products."
"The standard integrations are very limited, and the integrations available are not listed in the marketplace."
"Cortex could improve the detection and online resolution of security vulnerabilities."
"Further integration capabilities with various other software products that can seamlessly tie into Cortex XSIAM would be advantageous."
"There is room for improvement in expanding integrations to include more cybersecurity solutions."
More Cortex XSIAM cons
"Regarding stability, I have noticed some lagging, crashing, and downtime, which is one of my largest gripes."
"It was able to capture data but was unable to differentiate between the agent hostname we are using and the hostname that resides on the back end of the Internet."
"Even now, we have workflows that are in production that use AI steps and I get different results, making it unusable to some degree."
"The initial deployment of Torq was not easy."
 

Pricing and Cost Advice

"In terms of pricing, we found Cortex XSIAM to offer a very reasonable and competitive rate."
"Since Palo Alto is trying to get as many new customers as possible, they're offering very competitive pricing."
"The product cost could be considered value for money compared to other solutions in the market, though it is quite high."
"The solution comes at a significant cost."
"The solution is expensive compared to its competitors."
Information not available
report
See which vendors are best for you
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
See recommendations
881,707 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
11%
Financial Services Firm
10%
Manufacturing Company
9%
Government
7%
Financial Services Firm
14%
Comms Service Provider
8%
Manufacturing Company
8%
Computer Software Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise2
Large Enterprise4
No data available
 

Questions from the Community

What is your experience regarding pricing and costs for Cortex XSIAM?
I did not participate in pricing discussions for Cortex XSIAM solutions, so I cannot provide a review regarding prices for this solution.
See all answers
What needs improvement with Cortex XSIAM?
Cortex XSIAM is on the expensive side and requires substantial improvement in pricing. There are other features that could be improved, including integration with vendors such as CyberArk. I would ...
See all answers
What is your primary use case for Cortex XSIAM?
With Cortex XSIAM, we installed an agent on Active Directory on-premise. We connected our Firewalls to the Data Lake and the Active Directory, and protected the Firewalls with another authenticatio...
See all answers
What needs improvement with Torq?
Regarding the downsides of Torq, one issue is that as a SaaS product, I sometimes encounter transparency issues about what is going on behind the scenes, necessitating contact with Torq support to ...
See all answers
What is your primary use case for Torq?
My role is Cyber Security Engineer, and we use Torq for our case management platform, automating some of our phishing workflows to automate the containment of account takeover users, which are prob...
See all answers
What advice do you have for others considering Torq?
Torq's maintenance requirements depend on how you define maintenance. While Torq handles the platform's overall reliability, I have to perform maintenance on the workflows I build when bugs arise. ...
See all answers
 

Comparisons

Palo Alto Networks Cortex XSOAR vs Cortex XSIAM Logo
Palo Alto Networks Cortex XSOAR vs Cortex XSIAM
Compared 22% of the time
Microsoft Sentinel vs Cortex XSIAM Logo
Microsoft Sentinel vs Cortex XSIAM
Compared 11% of the time
Cortex XDR by Palo Alto Networks vs Cortex XSIAM Logo
Cortex XDR by Palo Alto Networks vs Cortex XSIAM
Compared 8% of the time
CrowdStrike Falcon vs Cortex XSIAM Logo
CrowdStrike Falcon vs Cortex XSIAM
Compared 6% of the time
IBM Security QRadar vs Cortex XSIAM Logo
IBM Security QRadar vs Cortex XSIAM
Compared 6% of the time
More Cortex XSIAM Competitors
Tines vs Torq Logo
Tines vs Torq
Compared 44% of the time
Splunk SOAR vs Torq Logo
Splunk SOAR vs Torq
Compared 14% of the time
Blink Ops vs Torq Logo
Blink Ops vs Torq
Compared 12% of the time
Palo Alto Networks Cortex XSOAR vs Torq Logo
Palo Alto Networks Cortex XSOAR vs Torq
Compared 10% of the time
Simbian AI Agents vs Torq Logo
Simbian AI Agents vs Torq
Compared 3% of the time
More Torq Competitors
 

Product Reports

Buyer's Guide
Cortex XSIAM
February 2026
Cortex XSIAM reportDownload Cortex XSIAM product report
Buyer's Guide
Torq
January 2026
Torq reportDownload Torq product report
 

Overview

Cortex XSIAM acts as a critical element for SOC foundations, integrating SIEM and EDR capabilities, valued for threat detection and seamless security orchestration with Palo Alto Networks products.

Organizations find Cortex XSIAM beneficial for SOC foundations due to its capability to integrate SIEM and EDR tools, facilitating data collection, detection, and response. It connects with third-party data sources while reducing management effort and offering cost-effective alternatives to competitors like CrowdStrike and Trend Micro. Featuring automation and integration with Palo Alto Networks products, Cortex XSIAM enhances threat detection. Unified architecture allows a comprehensive view of attacks, further supported by machine learning and integration with existing vendor solutions, ensuring that users gain insights without significant manual log analysis.

What are Cortex XSIAM's key features?

  • Security Orchestration: Streamlines processes across security operations.
  • Automation and Response: Efficient incident response management.
  • Detection Enrichment: Enhances identification of threats.
  • Centralized Endpoint Security: Comprehensive protection and monitoring of endpoints.
  • Forensic Investigation: Automated investigation to expedite threat analysis.

What benefits are evident in Cortex XSIAM reviews?

  • Cost-Effectiveness: Provides economical options compared to other market players.
  • Comprehensive Integration: Seamlessly integrates with multiple data sources and vendors.
  • Reduced Management Effort: Simplifies the administration of security operations.
  • Enhanced Threat Detection: Strengthens identification and remediation processes.

Industries implement Cortex XSIAM mainly in technology-driven sectors where centralized endpoint protection and automation of forensic investigation are paramount. By integrating several third-party systems for incident response, companies in competitive markets leverage its attributes for heightened operational security efficiency. However, users note areas for improvement, such as Attack Surface Management and integration enhancements, to better suit tech-heavy industries needing extensive connectivity with cybersecurity solutions.

Palo Alto Networks

Torq is the enterprise AI SOC solution that effectively combines adaptive insights and automation to handle critical threats efficiently. It manages threat lifecycles, swiftly moving from triage to response, ensuring effective risk management.

Torq is designed to streamline security operations by aggregating telemetry across your security stack. It investigates significant risks and manages threats from triage to containment and remediation. This AI-driven tool enhances the capabilities of your SecOps team, allowing them to achieve more impactful results without introducing complicated processes.

What are the key features of Torq?
  • Adaptive Agentic Insights: Provides real-time threat intelligence tailored to specific security challenges.
  • Automation: Automates responses to security incidents, minimizing manual intervention requirements.
  • Threat Lifecycle Management: Comprehensive handling of threats from detection to remediation.
  • Telemetry Aggregation: Integrates data across platforms for a unified security overview.
Why consider Torq based on reviews?
  • Efficiency: Users notice significant reductions in time spent managing threats.
  • Risk Reduction: Enhanced ability to identify and address critical threats promptly.
  • Resource Optimization: Allows teams to allocate effort to other critical tasks by reducing manual security operations.
  • Scalability: Adaptable to meet the demands of growing or changing infrastructures.

In industries like finance and healthcare, Torq shows effectiveness by adapting to specific risk scenarios often encountered in these fields. Its integration with existing infrastructures makes it a valuable asset for maintaining stringent security standards, essential for protecting critical data and operations in diverse high-stakes environments.

Torq
Buyer's Guide
Security Information and Event Management (SIEM)
February 2026
Download Free Report
Find out what your peers are saying about Splunk, Wazuh, IBM and others in Security Information and Event Management (SIEM). Updated: February 2026.
DOWNLOAD NOW
881,707 professionals have used our research since 2012.

We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.