No more typing reviews! Try our Samantha, our new voice AI agent.

Kaspersky Next EDR Optimum vs Tanium comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Protection Platform (EPP)
4th
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Kaspersky Next EDR Optimum
Ranking in Endpoint Protection Platform (EPP)
22nd
Ranking in Endpoint Detection and Response (EDR)
25th
Average Rating
8.4
Reviews Sentiment
6.7
Number of Reviews
26
Ranking in other categories
No ranking in other categories
Tanium
Ranking in Endpoint Protection Platform (EPP)
15th
Ranking in Endpoint Detection and Response (EDR)
23rd
Average Rating
7.8
Reviews Sentiment
6.2
Number of Reviews
22
Ranking in other categories
Server Monitoring (3rd), Vulnerability Management (26th), Unified Endpoint Management (UEM) (8th)
 

Mindshare comparison

As of July 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.8%, up from 3.7% compared to the previous year. The mindshare of Kaspersky Next EDR Optimum is 1.0%, up from 0.9% compared to the previous year. The mindshare of Tanium is 2.4%, down from 2.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.8%
Tanium2.4%
Kaspersky Next EDR Optimum1.0%
Other92.8%
Endpoint Protection Platform (EPP)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Nadeem Syed - PeerSpot reviewer
CEO at Haniya Technologies
Continuous protection has improved automated threat response and reporting for our endpoints
We did work with one of our clients who required mobile security solutions. In my opinion, Trend Micro, when we went through the POCs and other components, we did not find it very strong as far as mobile security is concerned. I think Kaspersky is much better than Trend Micro when it comes to mobile security solutions. From an outside perspective, Kaspersky Endpoint Detection and Response Optimum looks pretty strong and comprehensive. The main improvement would be if they could decrease the cost, as it would be great for clients since it is quite expensive now compared to when it used to be cheaper. The key competitor for Kaspersky Endpoint Detection and Response Optimum is Trend Micro. Trend Micro is the only competitor in the market right now. I would say both Trend Micro Endpoint Detection and Response and Kaspersky Endpoint Detection and Response Optimum are quite similar; I cannot say that one is better than the other. The difference is mainly in cost; Trend Micro has mostly moved all their products to the cloud, offering no on-premises products now, whereas Kaspersky is still in a transition phase providing both on-premises and cloud solutions. Many clients prefer on-premises as it is less expensive compared to cloud.
MA
Division Manager, Information Technology at a legal firm with 51-200 employees
Centralized policies have improved remote endpoint control and have simplified data visibility
The integration is not simple and easy. It requires experienced users or people who have done the implementation. When certain policies are applied, they do not immediately push the policies. For example, we manage endpoint device USB access. We set a policy to block it, but it does not come into effect immediately. Sometimes it takes three or four days for it to reflect. That is a pain point. I have raised this issue with support as well, but they said that I need to limit the number of devices in the policy. In terms of application deployment, for us, it was seamless.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Based on my experience, I would recommend Cortex XDR by Palo Alto Networks to other people."
"Once you become familiar with it, Cortex XDR by Palo Alto Networks is a more powerful tool and I would say that I prefer it over MDE because it is a stronger tool for me."
"When the pandemic started, Palo Alto came up with many solutions, which helped with the quick shift from on-premises to the cloud."
"Its ability to react to cyber data attacks is awesome."
"In one single alert, we are getting the network telemetry, endpoint telemetry, email security telemetry, and proxy telemetry all in one single ticket, making it very easy."
"The solution allows us to make investigations. Other XDR solutions also provide similar capabilities but for investigation, Cortex XDR is better."
"The solution allows us to gain remote access without the user's knowledge and take the necessary actions on the device."
"It's very stable. I've never experienced downtime for the ASM console or ASM core."
"Instead of having to wait for alerts, the IT security team can actively hunt for threats by proactively scanning endpoints to spot anomalies and security breaches."
"Kaspersky Endpoint Detection and Response Optimum is effective, especially in isolating computers from the network when needed."
"The most advantageous aspect is tracking and taking action automatically."
"I mostly like how they capture particular files and submit them to other files, and they have the solution console. And for example, we are using the one in for an application, like, on the RansomFree, if there are any vulnerabilities in patches coming, in the future, they fix these."
"One of the most valuable features of Kaspersky Endpoint Detection and Response Optimum is its cloud console allows users to remotely isolate a single computer from a network in the event of an attack, enabling them to perform root cause analysis without disrupting the entire network. This is particularly useful for organizations that may not have expert resources for endpoint detection and response."
"Kaspersky EDR is constantly updated and can respond to any threat nearly in real-time. They work hard to produce all the updates on time."
"They provide integrated protections and prevention with multi-layered anti-malware, which makes clients want to go for it."
"The solution's most valuable features are the advanced detection and anti-theft features."
"Tanium’s best features include support for any Windows, Linux, or Mac endpoint, regardless of where it is, and the ability to do IT operations and security operations."
"I'm not so familiar with the tool but I like the interaction of the console to the picture. Patching is the primary model I have been focusing on for the last couple of weeks. So I have created a proof of concept environment and have been checking the available features."
"The most valuable features of this solution are the consolidation of all historical data on device endpoints, security drivers, firmware, and Software version gaps."
"Tanium is used for endpoint management, specifically patching and configuration management."
"The solution's technical support is very responsive."
"Tanium is a very good product and I would rate it eight or nine out of ten."
"For incident response tasks, all these tasks can get done in minutes with minimal disruption to the end-user."
"For inventory purposes, it's from one of the best things on the scene, as you can get live inventory."
 

Cons

"They've been having some issues with updating their endpoint agents, and it has been quite frustrating."
"They have the worst support, as a company, that I have ever worked with, as they are difficult to get a hold of and keep on the phone. They don't know what they are talking about when you get them on the phone. They don't like to respond to messages when you send them to them. They like to "research problems" for weeks on end, then pass you off to somebody else."
"In an upcoming release, the solution could improve by proving hard disk encryption. If it could support this it would be a complete solution."
"It's not an ideal choice for smaller businesses, as you need a minimum of 200 endpoints to even use the solution at all."
"If you compare it to SentinelOne, which has more functionalities and detection capabilities on an open platform, the pricing on SentinelOne is far more reasonable and cheaper than Cortex XDR by Palo Alto Networks."
"Cortex XDR by Palo Alto Networks is not only pricey; it is extremely expensive."
"The server sometimes stops continuously to check things so it would be helpful to receive access updates or technical reasons."
"In general, the price could be more competitive."
"The product could be improved by resolving the problem with uninstalling devices. The uninstallation needs better handling, specifically with automatic license deletions."
"The initial setup is a bit difficult."
"We face challenges with the automated effective awareness platform program (ASAP), particularly with its implementation. It is difficult and not effective for us yet."
"An area for improvement in Kaspersky Endpoint Detection and Response Optimum would be to provide the cloud console platform to all users, regardless of the number of licenses a company has purchased. For example, a company with 50 employees should have access to the cloud console platform even if they have only purchased a certain number of licenses for the solution."
"We would like more data to be available from this solution, in order for it to be usable in strategic decision making."
"EDR Optimum's scalability could be improved."
"The application should be made a bit lighter so that it does not slow down the PC."
"The solution can improve the uninstallation process. The removal of the agent can be difficult. The purpose is for security, but it requires a lot of time and sometimes a special tool."
"The problem or challenge is a pre-sales and go-to strategy for the SMB market delivered through a channel or model. It's very convoluted and vague, which leads to some confusion about the various types of modules, and the device-to-seat cost is extremely difficult to calculate."
"Most of the time, agent-relative issues have to be more equipped with self-healing features. At times, the agent is there, but for some reason, it doesn't report a status. It gives certain problems that are obviously agent-based."
"Any movement into a SaaS solution has challenges since the processes and data flows are not well defined. Hence, you need to build it at the same time."
"The solution can give a lot of false positives."
"The solution needs to improve the reporting and tracking capabilities."
"We set a policy to block USB access. The moment a device is being set up on the network, I apply the policy, but it does not come into effect immediately."
"There are some bugs in the product. The tool needs to improve in the area of reporting."
"It is not really additional functions, or the features that are needed, rather the complexity would be reduced based on the number of modules required to put together a comprehensive operational security and risk compliance model."
 

Pricing and Cost Advice

"Licensing for Palo Alto Networks Cortex XDR can be costly, especially when it comes to a hundred users. A license is required for each user, and the subscription must be renewed on a yearly basis."
"Our customers have expressed that the price is high."
"It is cost-effective compared to similar solutions. It fits for the small businesses through to the big businesses."
"The pricing is a little high. It is per user per year."
"The solution has one subscription for endpoint protection and one subscription for detection and response. The two licenses combined give you the BRO version."
"This is an expensive solution."
"We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."
"The pricing is a little bit on the expensive side."
"The price is good, not too high."
"Kaspersky Endpoint Detection and Response Optimum is more affordable than the endpoint security product of Fortinet. Whether it's worth the money depends on your security strategy."
"The tool’s pricing is yearly. The solution’s pricing is expensive."
"The solution could be made a bit cheaper."
"Kaspersky Endpoint Detection and Response Optimum is affordability, even for companies with limited budgets, such as those in the Pakistani market. It is a subscription-based license."
"The price of the solution is reasonable. It cost approximately €10,000 annually."
"I would rate the product's pricing a nine out of ten. You need to pay about 80,000 rupees yearly for the tool. There are no additional costs associated with the product."
"Kaspersky gives a consolidated price with a good solution. If we choose something else, we need to add other options on our own."
"It is higher than some competitors in the market."
"It's an expensive solution. It would be nice if the cost were lower."
"The product's pricing differs from region to region depending on negotiations and the number of endpoints."
"There is an annual license required to use this solution."
"The solution is expensive but it's a good investment."
"Tanium is a more expensive solution in Latin America than some of the competitors, such as BigFix."
"The solution offers value for money."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
904,748 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Financial Services Firm
15%
Comms Service Provider
11%
Outsourcing Company
9%
Manufacturing Company
8%
Financial Services Firm
14%
Government
10%
Manufacturing Company
9%
Healthcare Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business15
Midsize Enterprise7
Large Enterprise5
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise3
Large Enterprise12
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for Kaspersky Endpoint Detection and Response Optimum?
Kaspersky Endpoint Detection and Response Optimum is reasonably priced for the market. I do not know the exact cost o...
What needs improvement with Kaspersky Endpoint Detection and Response Optimum?
We did work with one of our clients who required mobile security solutions. In my opinion, Trend Micro, when we went ...
What is your primary use case for Kaspersky Endpoint Detection and Response Optimum?
When it comes to endpoint security requirements, we work with Trend Micro most of the time; currently, my focus is mo...
What needs improvement with Tanium?
While there is always room for improvement, I am pleased with Tanium.
What is your primary use case for Tanium?
The primary use case for Tanium ( /products/tanium-reviews ) is compliance, patching, and inventory as part of the co...
What advice do you have for others considering Tanium?
For smaller companies, Tanium is quite a big investment, and one needs to have a considerable setup to make it econom...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
No data available
Tanium Inc Cloud, Tanium XEM
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Information Not Available
JPMorgan Chase, eBay, Amazon, US Bank, MetLife, pwc, Cerner, Delphi, MGM Grand, New York Life
Find out what your peers are saying about Kaspersky Next EDR Optimum vs. Tanium and other solutions. Updated: June 2026.
904,748 professionals have used our research since 2012.