No more typing reviews! Try our Samantha, our new voice AI agent.

Cortex XSIAM pros and cons

Vendor: Palo Alto Networks

4.3 out of 5

16 reviews
100% willing to recommend

Pros & Cons summary

Cortex XSIAM automates incident responses, improving response times by 20% through a single dashboard. It optimizes security operations by integrating all log sources and alerts, excelling in threat detection with its extensive database. Machine learning reduces false positives and negatives. However, integration with more cybersecurity solutions and enhancements in data onboarding, parsers, and third-party support are needed. Pricing is expensive, and integration validations from Palo Alto take about eight months.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Cortex XSIAM significantly improves response times by automating incident responses from a single dashboard.

The integration of all log sources and alerts optimizes the security operations program.

Cortex XSIAM excels in detecting threats and anomalies using a unified extensive database.

Machine learning capabilities help in identifying threats with fewer false positives and negatives.

Implementation of Cortex XSIAM reduces incident response times by approximately twenty percent.

CONS

There is room for improvement in expanding integrations to include more cybersecurity solutions.

Cortex XSIAM needs improvements in data onboarding, parsers, and third-party integration support.

The standard integrations are very limited, and obtaining validation for integrations from Palo Alto takes around eight months.

The pricing and licensing process of Cortex XSIAM is considered expensive and uncomfortable compared to competitors.

Further integration with various software products that can seamlessly tie into Cortex XSIAM would be advantageous.

Cortex XSIAM Pros review quotes

reviewer2541030

Cybersecurity Architect at a computer software company with 10,001+ employees

Jun 12, 2026

For me, to have Cortex XSIAM available is to basically have integration of all log sources, all alerting, and so on and so forth from firewalls and different tools, to get everything in one place, and afterwards to be able to build on the information that is coming.

Read full review

Solutions Architect at ostec

Aug 29, 2025

The advanced visualization capabilities of the product are important for understanding security trends in an organization.

Read full review

IT COMMUNICATIONS AND NETWORKS at Américas BPS

Oct 2, 2025

The way the solution responds to detections and warnings is really impressive.

Read full review

Free Report: Cortex XSIAM Reviews and More

Learn what your peers think about Cortex XSIAM. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.

900,644 professionals have used our research since 2012.

reviewer2666148

Associate Director at a financial services firm with 5,001-10,000 employees

Feb 20, 2025

The flexibility for creating manual workflows stands out.

Read full review

SOC Analyst at OVELOSEC

Mar 28, 2025

Since implementing Cortex XSIAM, incident response times have been significantly reduced by approximately twenty percent.

Read full review

Owner at Xelere

Nov 12, 2024

One of the valued aspects of the product is its use of artificial intelligence to detect security vulnerabilities.

Read full review

Senior Vice President at Chi Networks

Feb 28, 2025

Cortex XSIAM enhances our ability to apply endpoint protection policies, implement restrictions, conduct scans, and engage in sandboxing.

Read full review

Forrest Stevens

Senior Manager - Security Operations at First Advantage Corporation

Sep 28, 2023

Its ability to deliver a substantial amount of security intelligence greatly enhances and optimizes our security operations program.

Read full review

Subject Matter Expert at Softcell Technologies Limited

Dec 27, 2023

It is an effective solution in terms of performance and functionalities.

Read full review

RJ

Director at MICROLOGIC NETWORKS PRIVATE LIMITED

Mar 19, 2025

I would give Cortex XSIAM a rating of ten out of ten.

Read full review

Show 5 more reviews (out of 15)

Cortex XSIAM Cons review quotes

reviewer2541030

Cybersecurity Architect at a computer software company with 10,001+ employees

Jun 12, 2026

I would say that the thing that maybe needs a bit more improvement is the firewall because I have seen some things there that are kind of hard to manage.

Read full review

Solutions Architect at ostec

Aug 29, 2025

Cortex XSIAM is on the expensive side and requires substantial improvement in pricing.

Read full review

IT COMMUNICATIONS AND NETWORKS at Américas BPS

Oct 2, 2025

At the beginning, we experienced some difficulties setting up the product with connectivity and infrastructure, but ultimately it functioned really effectively.

Read full review

Free Report: Cortex XSIAM Reviews and More

Learn what your peers think about Cortex XSIAM. Get advice and tips from experienced pros sharing their opinions. Updated: June 2026.

900,644 professionals have used our research since 2012.

reviewer2666148

Associate Director at a financial services firm with 5,001-10,000 employees

Feb 20, 2025

The standard integrations are very limited, and the integrations available are not listed in the marketplace. Obtaining validation for integrations from Palo Alto takes around eight months, which is quite long.

Read full review

SOC Analyst at OVELOSEC

Mar 28, 2025

Cortex XSIAM needs improvements in terms of data onboarding, parsers, and third-party integration supports.

Read full review

Owner at Xelere

Nov 12, 2024

Cortex could improve the detection and online resolution of security vulnerabilities.

Read full review

Senior Vice President at Chi Networks

Feb 28, 2025

I would rate the overall stability a six or seven, as we have only used it for a few months and need a year of experience to provide a full assessment.

Read full review

Forrest Stevens

Senior Manager - Security Operations at First Advantage Corporation

Sep 28, 2023

Further integration capabilities with various other software products that can seamlessly tie into Cortex XSIAM would be advantageous.

Read full review

Subject Matter Expert at Softcell Technologies Limited

Dec 27, 2023

The support could be a bit faster.

Read full review

RJ

Director at MICROLOGIC NETWORKS PRIVATE LIMITED

Mar 19, 2025

Cortex XSIAM is pretty expensive, and the licensing process is not very comfortable compared to CrowdStrike.

Read full review

Show 5 more reviews (out of 15)

Product Categories

Product Categories

Security Information and Event Management (SIEM)

Identity Threat Detection and Response (ITDR)

AI-Powered Cybersecurity Platforms

Popular Comparisons

Popular Comparisons

CrowdStrike Falcon vs Cortex XSIAM

Cortex XDR by Palo Alto Networks vs Cortex XSIAM

Wazuh vs Cortex XSIAM

Splunk Enterprise Security vs Cortex XSIAM

SentinelOne Singularity Endpoint vs Cortex XSIAM

Darktrace vs Cortex XSIAM

IBM Security QRadar vs Cortex XSIAM

Microsoft Sentinel vs Cortex XSIAM

Varonis Platform vs Cortex XSIAM

Elastic Security vs Cortex XSIAM

Cribl vs Cortex XSIAM

TrendAI Vision One vs Cortex XSIAM

Rapid7 InsightIDR vs Cortex XSIAM

Vectra AI vs Cortex XSIAM

Cynet vs Cortex XSIAM

See all alternatives

Product Categories

Product Categories

Security Information and Event Management (SIEM)

Identity Threat Detection and Response (ITDR)

AI-Powered Cybersecurity Platforms

Popular Comparisons

Popular Comparisons

CrowdStrike Falcon vs Cortex XSIAM

Cortex XDR by Palo Alto Networks vs Cortex XSIAM

Wazuh vs Cortex XSIAM

Splunk Enterprise Security vs Cortex XSIAM

SentinelOne Singularity Endpoint vs Cortex XSIAM

Darktrace vs Cortex XSIAM

IBM Security QRadar vs Cortex XSIAM

Microsoft Sentinel vs Cortex XSIAM

Varonis Platform vs Cortex XSIAM

Elastic Security vs Cortex XSIAM

Cribl vs Cortex XSIAM

TrendAI Vision One vs Cortex XSIAM

Rapid7 InsightIDR vs Cortex XSIAM

Vectra AI vs Cortex XSIAM

Cynet vs Cortex XSIAM

See all alternatives

Related questions

219

What Solution for SIEM is Best To Be NIST 800-171 Compliant?

222

When evaluating Security Information and Event Management (SIEM), what aspect do you think is the most important feature to look for?

173

What are the main differences between Nessus and Arcsight?

236

What's The Best Way to Trial SIEM Solutions?

187

Which is the best SIEM solution for a government organization?

495

What is the difference between IT event correlation and aggregation?

179

What Is SIEM Used For?

155

RSA-EMC vs. other SIEM products?

254

What Questions Should I Ask Before Buying SIEM?

195

What are the pros and cons of internal SOC vs SOC-as-a-Service?