Cortex XDR by Palo Alto Networks Reviews

I am a tech support engineer or an endpoint security engineer who works with Cortex XDR's team itself, looking after all the support cases related to our technical stuff, specifically malware cases.

The most valuable feature of the solution is Broker VM, which is the best functionality, as I haven't found such a feature in any other product I have worked on till now.

Some feature requests are coming up from the customers. I feel like there should be a quick improvement. There is a little gap in implementing the tool's features as the team needs to do an investigation, which would take more time than expected, leaving the customers frustrated. The product team's investigation to decide on the features to be introduced in the solution should be a little quick. When it comes to malware files, it should be a little quick because, at times, it would give a wrong result in the sense of what it might be on malware, even if it still might be a normal one. At that point in time, we need to change the tool's version, and it generally needs to be changed from our end with Java and Jira. Maybe it should be a little improved in that case.

I have been using Cortex XDR by Palo Alto Networks for two years. I am an endpoint security engineer for Cortex XDR's team. I worked with a client company as a foreign technical support engineer.

So far, I haven't found any stability issues in the tool. Right now, I am on post-maternity leave, so I left the company six or seven months ago. To date, I haven't found any stability issues with the tool. Stability-wise, I rate the solution an eight and a half out of ten.

The tool is not used in my organization because I work within the tool's XDR team related to Palo Alto. I don't have an exact count of the users because we have different customers on a larger scale.

It is a scalable solution. Scalability-wise, I rate the solution a nine out of ten.

I am not required to contact the solution's technical support since I handle the customers' tickets.

My company was involved in mass deployment. I am not involved in the deployment stuff because we work as a break-and-fix team. We generally don't go ahead with a mass deployment. For individual deployment, it is a quick and easy-to-install tool. Cortex XDR by Palo Alto Networks is not like every other antivirus product, and I think it is an easy-to-install tool. There is a team for the tool to help you out, but certain pre-requirements need to be filled. If all the pre-requirements are met, there will be no issue with the installation.

I am not sure about the tool's pricing because we are not from the accounts team. The tool's pricing is managed by the accounts department.

I recommend the tool as it is an emerging or upcoming product with a set of features. My recommendation of the tool surely depends upon the scale of the business.

The tool is easy to use. We even have an accounts team where they can help you from scratch. We have a tech support team who would definitely suggest it to you over the session, so nothing as such is required as they will definitely help the users with the tool.

I rate the tool an eight and a half or nine out of ten.

Cortex XDR by Palo Alto Networks is an antivirus tool that provides EDR and XDR.

The solution's most valuable feature is the user interface. I've used other solutions like Cylance and CrowdStrike, but Cortex XDR stands out from all the products. It has also moved to XSIAM. Cortex XDR introduced it long ago, while other tools are implementing it now.

The solution lags to the real-time scenarios here and there.

I have been using Cortex XDR by Palo Alto Networks for five years.

The solution would have bugs, but we get support 24/7 to deal with them.

Cortex XDR by Palo Alto Networks is a scalable solution.

The solution’s initial setup is easy.

Cortex XDR by Palo Alto Networks is an expensive solution.

Cortex XDR by Palo Alto Networks is a cloud-based solution. I would recommend the solution to other users if they can afford it. Cortex XDR by Palo Alto Networks is worth the money. It is easy for a beginner to learn to use the solution for the first time.

Overall, I rate the solution a seven out of ten.

Cortex XDR mainly focuses on endpoint protection. Unlike other antivirus products, it is way more advanced. It allows you to manage your endpoints and includes advanced threat analytics and behavioral analytics. For example, it offers a behavioral analysis, the main purpose of which is to identify suspicious activity.

If any application performs suspicious activities, such as changing registries or modifying other applications, Cortex XDR detects and blocks the entire application. This ensures that unauthorized actions are prevented.

Another feature of Cortex XDR is its ability to mitigate ransomware issues. It creates duplicate files on the endpoint, and if any ransomware attempts to access these files, it detects and identifies the ransomware attack. Cortex XDR offers many such advanced features in its cloud platform.

Product might have some bugs. But these will be fixed in the next version. They'll try to work on that and fix those issues. They won't let it go easily.

I've been implementing and supporting this product for one year.

The end users are around thousands.

I am from the support team. I fix things. If customers have any issues with the product, they call me. That's the role of my job. I am from the partner side.

The deployment and setup process is handled by a different team. So I have never deployed Cortex, but I know the steps. It is not easy, but at the same time, it is not very complicated.

It's cloud-based. You don't have to set up a server; it's all on the cloud. You have to set up your tenant on their dedicated server once you subscribe to the product.

Price-wise, Cortex XDR is quite expensive compared to regular endpoints. It is a bit more expensive than other products, but it's worth the money.

Cortex is a good product. But like every other product, it has some flaws. Not every product is ideal. Every product has its flaws. So when compared with other products, Cortex is one of the good products. I would suggest you take the product because it is really one of the good products, but it has some flaws.

So, I would rate it an eight out of ten. 

Cortex covers everything I need. It's a perfect solution. Cortex provides a different level of visibility because it's an extended EDR, allowing you to grab logs from the network and firewalls. Palo Alto invented the concept of the extended EDR or XDR.

The price could be a little lower. 

I have been using Cortex for four years.

Palo Alto provides on-the-ground and remote support. They have a local team on the ground and teams in India or other countries. Their support is excellent, and they know what they're doing. 

Positive

Some of my customers have McAfee, Symantec, or Kaspersky. Palo Alto can integrate with other vendors, so it's not locked to one single vendor. Other vendors like Trend Micro, Bitdefender, CrowdStrike, etc. have limitations on log collection from other places. On Palo Alto's datasheet, it tells you that it can talk to Check Point, Fortinet, etc. It's pretty awesome. I believe this is a huge advantage that allows us to implement Cortex anywhere. 

I rate Cortex XDR 10 out of 10 for ease of setup. It can be deployed on-prem or on the cloud. It's an easy process that doesn't take long. 

I rate Cortex XDR 10 out of 10. 

We use Cortex XDR by Palo Alto Networks for endpoint security. It scans for unwanted and malicious activity on endpoints and servers, creating alerts and incidents.

The most valuable features are incident creation, policy-based protection, IP whitelisting, and device encryption. These are beneficial for endpoint and server security.

There's room for improvement with Mac device installations, which can be challenging.

I have been using the tool for two years. 

About 20 people in our company use Cortex XDR by Palo Alto Networks across the country.

We've had some issues isolating endpoints and have sought support from Palo Alto for that.

The cost depends on your chosen license type, like Pro or other licenses.

I'd recommend using Cortex XDR by Palo Alto Networks for security purposes. It's good at detecting malware and is a better strategy than other antivirus solutions. I rate the overall solution a seven out of ten. 

Our company uses the solution to detect behaviors and provide difficulty remediation for malware. The solution acts like a terminal that allows for the renewal of malware directly from the terminal in any meeting room. 

We also have an IOP configuration that allows us to compare our own indicators and compromise rules. This is very efficient because anytime there is an IAP release on the web page, we can update or create a repository of different notification alerts. 

The solution is a new generation XDR that has a lot of artificial intelligence modules. 

The solution's communication methods are very effective. 

Configuring or eradicating terminals is easy. 

The server sometimes stops continuously to check things so it would be helpful to receive access updates or technical reasons. 

I have been using the solution for 18 months. 

Technical support was very responsive. You can present a critical configuration issue and they provide a solution as quickly as possible. 

The Linux agent was a little bit sketchy on our side but we got good support. 

The setup is very straightforward. 

We implemented the solution in-house and worked with one telecom rep for network permissions. 

Two of our cybersecurity engineers deployed to 4,000 endpoints in two months. We had a little bit of an issue with Linux but resolved it so all endpoints were fully operational within three months. 

The pricing is a little bit on the expensive side so is rated a seven out of ten. 

The solution is solid and measures up against other products. I rate the solution an eight out of ten. 

Officially, I'm an MSP, but I also host it for our own internal software. I've got XDR installed on 26,000 devices. It is used for threat prevention, policy enforcement, firewall rules, and DLP. We use it for pretty much everything. Our firewalls also integrate with XDR.

We use XDR Pro. It is in the cloud, and we have got version 7 at the moment, which is probably the latest update of it.

The key thing is the visibility of what's going on in our networks and on our end devices. It gives us visibility.

It provides the ability to query. I can query for any file or any IOC on any of the devices installed, and it will search for a data link.

The live terminal is probably the best thing ever. It gives you the access to get straight onto any machine. 

In general, it has been able to see every single threat that has ever come up and it helps us stop it. 

I've used it for a great many years now, and it worked really well. From the Palo Alto side, whatever they buy, they integrate that really well into their integration suite, and that makes a massive difference.

The onboarding process could be better. 

It tends to do 99.9% of things. The only thing I'd like is single sign-on authentication into their cloud platform so that my users can be properly authenticated against it.

Its stability is very good.

Its scalability is very good. It is on my servers as well as my end users. I've got five and a half thousand end-users plugged in, and they're all on, and then I have 26,000 servers on it as well.

I would rate them a 9 out of 10. The only reason why they lose a point is that if I escalate, it gets done really quickly. I've got all the various contacts I could ever need inside Palo Alto, but some of my other colleagues don't have that same level of contact. So, if I'm doing it, it is rapid, but if they're doing it, it is slower.

Positive

I've worked with Carbon Black, which Cortex XDR beats hands down. The reason it beats it hands down is because of the ability to query. I couldn't do that with Carbon Black. For me, that was a genuine issue with Carbon Black. That was one of the main reasons why we've literally moved 22,000 devices off Carbon Black into Cortex XDR.

We also use Sophos, McAfee, and BitDefender. As a group, we buy multiple companies a year. So, we come across most of them.

If it is my own device, I would love to have Cortex, but I can't buy one license. I have to buy a minimum of 250 licenses. So, I normally go for something like BitDefender because it has the least amount of bloatware.

It is straightforward. It is pretty much out of the box. It works how you want it to work. So, you can't really ask for more.

It is also easy to maintain.

It was implemented in-house.

In the company I'm in, we make software. On that basis, we've gone for what we need to make sure our software and all of our customer data are secure. That drives us more than the ROI. It may sound a little weird, but it is the way we run because, for us, the ROI is almost pointless if we lose all our data.

I have the full Pro Prevent license. So, I've got post analytics, forensics, and the whole lot of it.

My advice to others who would like to start working with Cortex is to not dip your toe in the water. Go big or go home. If you integrate everything in, you'll get fantastic results. You shouldn't do some bits here and there. You need to use their ecosystem as a whole. If you're in their entire ecosystem, the results are amazing.

I would rate it a 10 out of 10.

We use the product as a detection and response application.

The product's most valuable features are massive user and feature intelligence exploit detection. It is very useful in detecting threats to databases. The last meter statistics prove the efficient capabilities of the solution.

It is an enterprise-level solution. Its price could be less expensive.

We have been using Cortex XDR by Palo Alto Networks for three years.

The product is 100% stable. I have never received any complaints from the customers.

Cortex XDR by Palo Alto Networks is easily scalable as it is a cloud-based product.

We provide support services for our customers. Palo Alto's support services are expensive, and customers also encounter language barriers.

The initial process is simple. It requires training of about three to four days to understand the installation process. It is deployed on the cloud. The number of software engineers required depends on the number of the endpoints.

We pay in advance for the product's license. It has reasonable pricing for the use cases it provides to the company. We can split this payment monthly, quarterly, or yearly, according to the customer's requirements. For a cost-benefit analysis when choosing a security solution, consider factors such as the number of attacks prevented, the impact of those attacks, potential losses, and other hidden costs.

I rate Cortex XDR by Palo Alto Networks for ten out of ten. It could be improved from a commercial perspective. It could approach the SMB market as well.