Cortex XDR by Palo Alto Networks Reviews

We use this solution to secure endpoints and to have more visibility on what is happening on the endpoints.

We have two customers who are using this solution currently.

The installation should be easier and the Palo Alto pre-sales and sales should teams have more information on the product because they don't know what they are selling.

They don't know the features of the products they sell.

For example, Cortex XDR includes Cortex XDR Prevent, Cortex XDR Pro, and Cortex XDR Pro per TB. They don't know the real differences between Cortex XDR Pro and Cortex XDR Pro per TB.

Sometimes, they will tell you about features for one edition that belong to another edition. They don't seem to know what features belong to what edition.

I have been working with this solution for one month.

We are familiar with Cortex XDR Prevent and Cortex XDR Pro.

It's a stable product.

It's a scalable solution.

Technical support is okay.

The initial setup is complex. It is not easy to install.

We have been deploying this solution for a month, but we are not finished yet.

We only need one engineer for the deployment and maintenance.

I would recommend this solution to anyone who is interested in using it.

I would rate Cortex XDR a seven out of ten.

In terms of what could be improved in Cortex XDR, definitely the host insights module. The ability to kind of take a look at what applications are running on the endpoint is a new feature, but there is a lot of room for improvement there in terms of versioning and so forth.

Additionally, the dashboard could use some significant improvement, just making it more useful with more information. It has a limited amount of information right now. It is customizable, but I'd love to see a better out-of-box dashboard.

I have been working with Cortex XDR over the last year, at least.

On a scale of one to ten, I would give Cortex XDR by Palo Alto Networks an eight.

We're primarily a Palo Alto shop, and we integrate solutions in the Palo Alto ecosystem. But for firewalls and threat hunting, it's all through Cortex XDR. We also compliment the Cortex XDR product with other endpoint protection solutions, like Windows Defender, or whatever the customer is using,

Stability is a primary factor, and then there's the ease of distribution and policy management. Cortex XDR by Palo Alto Networks is very easy to work with, and we're quite happy with them.

It would be good to have a better way to search for a file within the UI. Like in SentinelOne, you can search for an arbitrary file, and in Cortex XDR, you can't. You can do it with an addendum license, but I think we could all benefit from getting it with the standard license. Because if you want to do threat hunting with this product, you have to search for files now and not wait to get a license.

I've been using Cortex XDR by Palo Alto Networks for about two years.

Cortex XDR by Palo Alto Networks is a stable solution.

We used to talk to Palo Alto support extensively, and we always had a pleasant experience and never had a problem with them.

Cortex XDR is quite easy to install. The time it takes to deploy depends on the infrastructure. We have had cases that lasted a few days and other cases where it took two to four months for a proof of concept.

Every customer has to pay for a license because it doesn't work with what you get from a managed services provider. It's quite expensive, and they can't sell it for less than 200 euros a license. It's the lowest license price we can get from them.

I would recommend Cortex XDR by Palo Alto Networks to potential users.

On a scale from one to ten, I would give Cortex XDR by Palo Alto Networks a nine.

We use Cortex XDR by Palo Alto Networks for its ability to detect based on behavior rather than simple virus scan to prevent malicious activities. We also use it to go in and white list things that are okay. This way, they won't get blocked.

The behavior-based detection feature is valuable. 

It'll help if customization was easier. It would be better than how it's now if it came out of the box using their stock set up to get it up-and-running. Then you go in, and you add more restrictive things to make it better.

I have been using Cortex XDR by Palo Alto Networks for a little over a year.

Technical support has been fine.

The initial setup isn't straightforward or complex. It's somewhere in the middle. Like 90% of the features are there out of the box. When you start doing more complex things, it becomes more complicated. For example, if we wanted to limit someone's ability to plug in and access a USB stick, we have to create a profile to do that, and that's an advanced functionality.

We did most of the deployment in-house.

On a scale from one to ten, I would give Cortex XDR by Palo Alto Networks a nine.

We are a solution provider and one of the Palo Alto products that we implement for our clients is Cortex XDR (Extended Detection and Response).

It is also known as Traps, and it is mostly used for endpoint protection. For example, when remote users want to connect to their organization using a VPN, they will be protected.

The protection offered by this product is good, as is the endpoint reporting.

Once installed, this product is easy to manage, whether it is on-premises or the cloud-based management system.

There are a lot of logs generated and an engineer has to go through all of the events to find out exactly what the bottleneck is. We do need to collect the events but this can be time-consuming. Being able to filter the events to see those that are related to the actual alert would save time spent by the engineer.

A better pricing plan would make this product more competitive.

We have been dealing with Palo Alto, including Cortex XDR for more than three years.

This is a stable product and it is good, but we will keep evaluating other products as we continue to offer this type of solution to our customers.

Cortex XDR is a scalable solution.

The technical support team is good, and we can reach them quickly and easily. However, finding a resolution might take time.

We have used Cylance in the past, although we stopped using it about three years ago.

We are currently using K7 Endpoint Protection. Unfortunately, it is not catching anything, whether it is malware or a virus.

When we first implemented this product, it was called Traps. However, I don't see any difference, other than the name. For new customers, it might be a bit difficult to install and set up. It takes perhaps eight hours to install.

I deployed this product, and I was also involved with the initial POC.

Only one admin is needed for deployment and a second person should be available to work with the users.

This is an expensive solution.

We are currently trying to evaluate ELK.

Overall, this is a good product and I can recommend it to others.

I would rate this solution an eight out of ten.

We mainly use it for endpoint protection, exploit prevention, and malware prevention. 

It can automatically correlate events and logs, which is very helpful for an IT administrator. It can correlate different kinds of malware activities over a network, agent, or host system. You do not need to do it manually. It is a good feature. 

It is also a user-friendly solution. We have deployed it on the cloud because our space does not provide any flexibility for on-premises deployment, but Palo Alto has added some flexibility to install it on-premises. It must be like the same Cortex XDR agent for all the VPN services, web filtering services, and everything else.

It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc.
this is good as an endpoint protection to prevent malware, exploits, zero days, ransomware, botnet etc. For features like Host DLP or encryption or patch management, or any such features which are available in basic anti-virus, you cannot expect it in Palo Alto Network's Cortex XDR solution. rest, all features work as expected, without any lagg or slowness observed in the system.

I have been using this solution for a year or something like that. We have been using it from the day they launched or released version 4.0. Currently, they are on version 7.

It is stable. I have never faced any kind of issues or never heard from any of my colleagues that they have faced any kind of issue.

There is no problem with scalability. Currently, we have around 150 users. In our company, it is compulsory to install this agent on all systems. If we want to scale it, we just need to install an agent. There is no upgrading the server or the hardware because it is a SaaS service provided by Palo Alto Networks.

We directly raise issues with Palo Alto Networks, and they support us. I've never directly created a support query because our IT team looks into support queries, but I think it's pretty easy. You'll never face any kind of issues or challenges in raising support queries.

It was straightforward. In earlier versions, such as version 4.0, it was a bit difficult to install the server and then upgrade the agents and servers. These processes were difficult. There are no complications now.

It took us more than a week to deploy because we were implementing it on the systems of various users who were working from home.

We are a partner of Palo Alto Networks, so we have deployed it directly.

We evaluated multiple products. We have evaluated Trend Micro, McAfee, Broadcom Symantec, Sophos, and many other products. Each product is good in its own field. We chose Cortex because we already had a Palo Alto Networks firewall. It got integrated easily, and the co-relation part and the co-relation engine worked very well.

If you are looking for security, mainly for advanced threat prevention from ransomware and malware attacks, I would recommend Cortex. Even if you want to integrate your firewall, I would recommend Cortex, but if you are looking for a single product with multiple options or features, such as DLP, encryption, rollback, and other features, I would not recommend Cortex.

I would rate Cortex XDR a nine out of ten.

We had firewalls set up and it integrated but didn't meet with our regulations.

We were using this solution for endpoint protection.

It's a perfect solution. 

It integrates well into the environment.

I would like to see them include NDR (Network Detection Response). Then it would work well with SIEM Response. Also, if they could make an on-premises version we would definitely go with Cortes. At this time, they are not offering an on-premises solution.

We had it in our environment for two days.

It's a stable solution.

Cortex XDR by Palo Alto Networks is scalable.

The technical support was good.

We evaluated Fideles and are currently using it, as it meets the regulations and is on-premises.

We had to move away from working with Cortex XDR by Palo Alto Networks due to the regulations. They state that the logs have to be kept in Saudi Arabia. Also, the log is in the cloud, which is against the regulations. 

We chose Fidelis. They meet the regulations and they are on-premises.

We had no issues with Cortex. We were satisfied but it didn't meet with the regional regulations.

I would rate Cortex XDR by Palo Alto Networks an eight out of ten.

We use Palo Alto Traps in our Windows-based environments. Currently, it only protects our desktops and we use it in conjunction with our Check Point firewall.

The product is very good, it has caught a lot of exploits that most products would not. The WildFire module is a great AI in detecting and preventing attacks. The only issues that we have are, one the cost, two the dashboard is not very intuitive, even though you can drill down within the dashboard, we usually have to gather information from other sources to determine locations and if its a false positive.

WildFire AI is the best option for this product.

The dashboard is the area that needs to improve so that we can have the ability to drill down without having to go elsewhere to verify results.

We have had this product for two years.

This is an expensive solution.