
Cortex XDR by Palo Alto Networks pros and cons

4.2 out of 5

Pros & Cons summary


Prominent pros & cons

PROS

Cortex XDR by Palo Alto Networks employs advanced detection capabilities, sandboxing, and limits where executables can launch, significantly reducing endpoint attack surfaces.
Cortex XDR offers increased blocking with fewer false positives by analyzing file behavior rather than relying on a pre-defined list.
Behavior-based detection offers numerous benefits over traditional signature-based methods, ensuring robust security measures against threats.
Integrating seamlessly into the Palo Alto ecosystem, Cortex XDR utilizes AI and machine learning for effective threat identification and response.
Cortex XDR's machine learning capabilities provide high levels of automation and protection for large networks, especially when combined with Palo Alto firewalls.

CONS

There is inconsistent functionality across different operating systems; Windows has unique folder restriction settings not available in Linux or Mac versions.
Support is reportedly difficult to reach, lacks knowledge, and provides slow resolution times.
Cortex XDR is not fully compatible with other antivirus products like McAfee without requiring removal.
The platform lacks on-premises deployment options, limiting organizations preferring non-cloud solutions.
Frequent version updates cause disruption, increasing CPU usage, and complicating deployment.
 

Cortex XDR by Palo Alto Networks Pros review quotes

LT
Jan 17, 2019
The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind.
AK
Feb 7, 2019
After deploying Traps, we saw the performance of the network improve by 65 to 70 percent.
Netw9886 - PeerSpot reviewer
Feb 11, 2019
The most valuable features are the fact that it was running in the background and it would intercept any weird stuff, and the fact that it would send things directly to the cloud for sandboxing. It's quite practical.
Learn what your peers think about Cortex XDR by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: March 2025.
845,406 professionals have used our research since 2012.
Ahmed Sief - PeerSpot reviewer
Jun 19, 2022
The initial setup is easy.
WA
Jun 30, 2021
I like the centralized console and the predictive analysis it does of malware. It is very stable and also scalable.
Mohammad Qaw - PeerSpot reviewer
Dec 15, 2022
From a single pane of glass, you can easily manage all of your endpoints.
it_user1237689 - PeerSpot reviewer
Oct 22, 2020
The initial setup is pretty easy.
OS
Feb 7, 2019
If the user leaves our premises or network, Palo Alto Traps will still be on that endpoint and will still apply our policies.
GA
Feb 11, 2022
When the pandemic started, Palo Alto came up with many solutions, which helped with the quick shift from on-premises to the cloud.
reviewer1389378 - PeerSpot reviewer
Aug 8, 2022
The live terminal is probably the best thing ever. It gives you the access to get straight onto any machine.
 

Cortex XDR by Palo Alto Networks Cons review quotes

LT
Jan 17, 2019
Previously, the endpoint would leave the environment, not being on our VPN, essentially unable to interact with the server to upload files. It was unable to retrieve new file verdicts. It was using a thing called "local analysis" to determine if something was a malicious file or not. There was no dynamic analysis.
AK
Feb 7, 2019
There are some default policies which sometimes affect our applications and cause them to run around. In the hotel industry, we use a different type of data versus Oracle and SQL. By default, there are some policies which stop us from running properly. Because of this, the support level is also not that strong. We have to wait to get results.
Netw9886 - PeerSpot reviewer
Feb 11, 2019
There are some false positives. What our guys would have liked is that it would have been easier to manipulate as soon as they found a false positive that they knew was a false positive. How to do so was not obvious. Some people complained about it. The interface, the ESM, is not user-friendly.
Ahmed Sief - PeerSpot reviewer
Jun 19, 2022
Every 30 or 40 days, there's a new version and we need to go and make sure our customer's laptops are upgraded.
WA
Jun 30, 2021
It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue.
Mohammad Qaw - PeerSpot reviewer
Dec 15, 2022
The solution should force customers to integrate with network traffic to see the full benefits of XDR.
it_user1237689 - PeerSpot reviewer
Oct 22, 2020
In reporting they should have a customizable dashboard due to the fact that C-level people don't like reporting to the IT department. They prefer to have a real-time dashboard. That kind of dashboard needs to have various customizations.
OS
Feb 7, 2019
Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and it's nothing that should be an issue. Some antivirus engines recognize Traps as a threat component, so maybe they need to shake hands somewhere.
GA
Feb 11, 2022
In general, the price could be more competitive.
reviewer1389378 - PeerSpot reviewer
Aug 8, 2022
It tends to do 99.9% of things. The only thing I'd like is single sign-on authentication into their cloud platform so that my users can be properly authenticated against it.