Cortex XDR by Palo Alto Networks Reviews

Cortex XDR is used for monitoring and securing large numbers of endpoints, typically in the range of 5,000 to 10,000. It is considered to be an effective solution for mitigating security risks in these environments.

The most valuable feature of Cortex XDR by Palo Alto Networks is its machine-learning capabilities. Additionally, there is full integration with other solutions.

Cortex XDR by Palo Alto Networks could improve by adding a sandbox feature to better compete with their competitors which have it.

I have been using Cortex XDR by Palo Alto Networks for approximately four months.

The solution is stable.

I rate the stability of Cortex XDR by Palo Alto Networks an eight out of ten.

Cortex XDR by Palo Alto Networks is a highly scalable solution.

I rate the scalability of Cortex XDR by Palo Alto Networks an eight out of ten.

The support team at Cortex XDR by Palo Alto Networks is very responsive and helpful in addressing any issues or challenges that may arise. They are highly accessible and knowledgeable about the products they offer. Overall, I have been very satisfied with the support provided by Palo Alto while deploying their solutions.

We previously used CrowdStrike Falcon X.

Cortex XDR by Palo Alto Networks is easier to understand and use compared to CrowdStrike Falcon X endpoint. The dashboard and interface of CrowdStrike Falcon X can be cluttered, making it difficult for some users to understand where to begin when it comes to incident response or threat hunting. In contrast, Cortex XDR by Palo Alto Networks is simple to navigate and understand.

The initial setup of the solution can take approximately one hour. One hour is the longest it has ever taken us for the setup. We have not had an issue with the setup.

I rate the initial setup of Cortex XDR by Palo Alto Networks a seven out of ten.

We do the implementation of the solution.

The price of the solution could be reduced. I have customers that have voiced that the solution is good for the value but if I want to sell more of the solution the price reduction would help.

Customers tend to rather have a less expensive solution than the best one.

I rate the price of Cortex XDR by Palo Alto Networks an eight out of ten.

We are using two engineers for the maintenance of the solution.

In our market here in Malaysia, the solution is perceived as being of high quality and providing good service. 

I would recommend this solution to others, it is a good solution. It is my job to recommend solutions.

I rate Cortex XDR by Palo Alto Networks an eight out of ten.

The solution is not perfect and that is why I gave the rating of eight.

Cortex XDR by Palo Alto Networks is a network management solution.

Cortex XDR by Palo Alto Networks can improve mobile integration to allow access to the console.

I have sold Cortex XDR by Palo Alto Networks within the last 12 months.

Cortex XDR by Palo Alto Networks should be a stable solution.

The scalability of Cortex XDR by Palo Alto Networks is very good.

The cost of Cortex XDR by Palo Alto Networks is $55 to $90 USD per endpoint per month.

I would recommend this solution to others.

I rate Cortex XDR by Palo Alto Networks an eight out of ten.

I primarily use Cortex XDR to protect end-users from ransomware, malware, spam, and phishing.

Cortex XDR alerts us on the dashboard when there's a threat, which allows us to restrict that user and helps secure our infrastructure.

Cortex XDR's most valuable feature is its intelligence-based dashboards.

Cortex XDR could be improved with more GUI features.

I've been using Cortex XDR for a year.

Cortex XDR is quite stable.

Cortex XDR is scalable.

Cortex XDR's technical support is really good, though their knowledge of endpoint protection could be deeper.

Positive

The initial setup was quite straightforward, and deployment took two to three days.

We used an in-house team.

Cortex XDR's pricing is ok. We pay about $20 a year for our license.

I would give Cortex XDR a rating of eight out of ten.

We are using Cortex XDR by Palo Alto Networks as an endpoint solution.

One thing that I like about Cortex XDR is its ability to detect all the suspicious or malicious binaries, and it can integrate with Palo Alto Firewall. 

I have been using the product for about three and a half years.

The stability is very good.

It is scalable for those who use it.

If they want to do a POC, they can look for other market trenders that are there like Trend Micro. They also have their XDR solution. FireEye also has its XDR solution. They should do a comparison on what is based on their requirement. Based on their requirement, they should select the vendor. We saw that there were quite a few ransomware attacks that were not detected by traditional antivirus, so we moved to the Palo Alto solution. Likewise, the companies who want to implement EDR solutions, have to look at the problem statement. Based on their problem statement, they should work and find out a feasible solution.

The setup is quite easy. We had appropriate support from the manager. One thing that was missing was the integration part. Currently, they don't have out-of-box integration with IBM QRadar, or if they have the integration, the integration doesn't work well. That is something that they have to look at going forward.

It took around three to four weeks, because there was a full process change, and then we had to get approval for getting it deployed. 

I would rate Cortex XDR by Palo Alto Networks a nine out of ten.

The main use case was the integration with their Palo Alto firewall and Panorama. Apart from that, they also had integration with the FIM solution that they had. Overall, having it at the endpoint and having network integration for the overall threat scenario has been where we use it.

The policy configuration is great. The granularity of policies that are available is very helpful.

It is straightforward to set up.

It has pretty much everything we need and works well within the Palo Alto ecosystem.

The GUI could be improved. It's a little bit cumbersome. It could be more user-friendly.

I've been using the solution for around two years. 

The solution is quite stable. The only hiccup we had experienced was related to some false alerts where there was no detection, yet still the product showed that it detected something. There were a few false positives. Apart from that, it is quite stable.

For cloud purposes, scaling is not an issue. Even with the on-premises deployments, we have not faced any scaling issues. 

Technical support is great. We haven't had any problems with them. 

Positive

The solution is very simple and very straightforward to set up. It's not overly difficult or complex.

I'd rate it four out of five in terms of ease of setup.

I do not deal with licensing costs. That is taken care of by our sales team.

We do hybrid deployments. For some customers, it was on the cloud and for some, it was on-prem.

It's a good solution to go with. If you are dealing with the ecosystem of Palo Alto, like Palo Alto firewall, Palo Alto Prisma Access, and Palo Alto XDR, if you have a Palo Alto ecosystem, it's a must to have Cortex XDR. Individually, it also works well. However, having Palo Alto everywhere will be a better scenario or a better fit if you want to deploy Cortex.

I'd rate the solution eight out of ten. 

We have Cortex XDR on our endpoints, and we have managed threat hunting. We are using it for everything related to security. If we have a device we believe is compromised, we can do a scan of the device to check for malware. We look for indicators of compromise in our network. We also look for behavioral things, such as if people are, for some reason, sending a bunch of information out. We also monitor USB file copies to make sure sensitive data isn't leaving our systems. It is also for any kind of denial of service attack.

We are using its latest version. It is deployed on-prem. We have agent software on all our endpoints, and then we have on-prem devices managed through Panorama.

It has quite a bit of functionality. So, if anything weird happens on our network, Cortex normally lets us know.

Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful.

They've been having some issues with updating their endpoint agents, and it has been quite frustrating.

I have been using this solution for about a year.

It's incredibly stable. It's Palo Alto; it's top of the line.

It's enterprise-grade. They cover everybody from the federal government to large corporations. We're probably a pretty small network for them. We have about 2,000 endpoints.

I have used their support. I would rate them a four out of five.

Positive

We used to have Check Point. We switched because there were a lot of added features with Palo Alto that Check Point didn't have. It was an upgrade for us.

It is incredibly complex. It has a lot of parts. Its implementation took six months.

We worked with Palo Alto directly to look at our old firewalls and translate their configuration to Palo Alto.

There are three of us for deployment and maintenance.

It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff.

You get out what you put in. So, the more you work with it, customize it, monitor it, and manage it, the more you'll get out of it.

I would rate it an eight out of ten. There are some bug updates that they were having issues with. Everything else has been pretty great. There is a lot more visibility than I expected.

It has just been about a month.

It is mainly for monitoring and/or logging. We look at it to see if there are any log incidents. 

We are using its latest version. It is deployed as a hybrid.

Monitoring is most valuable.

In terms of areas of improvement, we have not completed our review of the product. We're also looking at other products. So, it's a little bit hard to tell what could be different because we have not completed the review of this product, but based on our experience so far, its implementation is quite complex.

In terms of new features, we don't have any functions or features that we would like to add at the moment. 

It is looking promising in terms of scalability, but we have not looked into it further because we are still in the process of learning and getting some experience.

Currently, there are just two users of this solution. They are IT specialists.

Its initial setup is quite complex. In terms of complexity, I would rate it a four and a half out of five.

I am using the Community edition.

My advice for people who are looking into implementing this system is that they should be aware of the complexity of the installation and the management of the system. I would preferably buy this from a partner.

We have not yet completed our review of the product. At this time, I would rate it a five out of 10.

We are not using it for our purposes because we are a Palo Alto partner. We propose it for our customers based on their requirements.

We are both a service provider and a reseller.

When the pandemic first began, the use cases were mostly for remote users. We deployed this for the majority of remote users.

When the pandemic started, Palo Alto came up with many solutions, which helped with the quick shift from on-premises to the cloud. We have a lot of advantages as a result.

It's a very simple implementation, and I have direct Palo Alto implementation available as well. So it's very simple. We haven't found any issues, so far the implementation is going well, I don't see any gaps.

In general, the price could be more competitive.

In Palo Alto, we also work with all product lines, including Prisma and other product lines as required. Is a mix, it's a subproduct, we work with the mix of products.

We have been working with Cortex XDR by Palo Alto Networks for two to three years.

We get updates from Palo Alto directly.

Cortex XDR by Palo Alto Networks is a stable product.

It's a scalable solution, we have not had any challenges with the scalability of Cortex XDR by Palo Alto Networks.

Our customers range from medium to large enterprise companies. The adoption rate in small businesses is much less, but the majority of our requirements come from mid-to enterprise-sized businesses.

Technical support is the best in class, in my opinion, because they have invested heavily in research and development. In terms of comparison and today's challenges, such as security and layers, Palo Alto complies with all of the challenges.

In terms of Security, we are working with a few products and a few brands.

We use Palo Alto and we also work with Barracuda. These solutions are used on the web firewall and for email protection.

We work with the entire Barracuda product line, but specifically for email protection and web filtering.

Barracuda Essentials is included with O365 protections, we work with those solutions. 

Palo Alto is part of a different vertical layer than Barracuda. It's distinct. They are very different.

The initial setup depends on the environment, but as a technology, I would say it's simple. It's not that difficult.

The length of time it takes for deployment is determined by the project and the surrounding environment. We can only determine the timeframe based on that, pinpointing a specific time period is difficult.

It does not require maintenance because regular updates and monitoring are required. So if there is anything, new patches and the like, it is done automatically, and there is no additional implementation unless there are any infrastructure changes.

In comparison to other competing products, it is based on the customer's needs and the environment. However, when compared to other products, the price is slightly higher, but when considering technology and new innovation, that is the plus I would say when it comes to being XDR.

The price could be more competitive because it is not on the price wall when you go and question Palo Alto XDR. It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable.

So far, it has met all of our requirements, and it should be able to cater to a wide range of product lines.

We must first determine what their business requirements are, as well as what other technical layers we are considering, and then propose the appropriate sizing and solution.

We mostly promote Palo Alto, but it depends on the customer's needs, as well as their budget, infrastructure, and what their business requires, all of those factors come into play when recommending a solution.

When you compare it with other products, I would rate Cortex XDR by Palo Alto Networks a nine out of ten.

It's close to being rated a ten out of ten because of their level of support, and the other is the solution and the most recent technology.