Try our new research platform with insights from 80,000+ expert users
Palo Alto Networks Cortex XSOAR Logo

Palo Alto Networks Cortex XSOAR pros and cons

Vendor: Palo Alto Networks
4.2 out of 5
Badge Leader
479 followers
Start review

Pros & Cons summary

Palo Alto Networks Cortex XSOAR is known for automating responses and effectively gathering information for security events, offering seamless integration with diverse tools through its extensive plugin library. It excels in scalability and efficient management with its orchestration capabilities, though lacking SIEM functionalities. Challenges include increased pricing post-acquisition, slowdowns during alert influxes, and limited documentation for automation. Multi-tenancy and technical support response times need enhancements.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Automation and orchestration are highly valued for coordinating information from various devices and providing an overview of critical log data.
Palo Alto Networks Cortex XSOAR is praised for its stability and reliability.
The integration capabilities are extensive, allowing seamless incorporation with various platforms and tools.
The platform is noted for its scalability, making it suitable for organizations of different sizes.
Cortex XSOAR's automation and playbook functionalities are highly effective, managing substantial workloads in security operations.

CONS

Implementation often demands substantial vendor involvement, suggesting a need for improved partner accessibility.
Documentation for automation is available but lacks quality, indicating an area for enhancement.
The price increased significantly post-acquisition by Palo Alto, leading to budgetary concerns.
The absence of on-premise options limits customer flexibility in deployment choices.
The system exhibits slowdowns when processing a large influx of alerts, affecting investigation efficiency.
 

Palo Alto Networks Cortex XSOAR Pros review quotes

reviewer1714731 - PeerSpot reviewer
Nov 11, 2021
Palo Alto has gotten the investigators more presence to actually go in the report because being that the platform will email the investigator that it's been assigned to, now the investigators will jump in there and start going through the review process a lot quicker.
Read full review
NikhilSharma2 - PeerSpot reviewer
Aug 23, 2024
The orchestration in XSOAR is significantly easier compared to other SOAR tools I've used.
Read full review
Donald Keeber - PeerSpot reviewer
Feb 1, 2024
I chose Cortex XSOAR because the client also has Palo Alto firewalls. I can incorporate the data from the Palo Alto firewalls into Cortex and send it into the same data lake to manipulate that data. It lets me manage and monitor the data in one place.
Read full review
Buyer's Guide
Palo Alto Networks Cortex XSOAR
May 2025
Free Report: Palo Alto Networks Cortex XSOAR Reviews and More
Learn what your peers think about Palo Alto Networks Cortex XSOAR. Get advice and tips from experienced pros sharing their opinions. Updated: May 2025.
DOWNLOAD NOW
851,604 professionals have used our research since 2012.
Chetankumar Savalagimath - PeerSpot reviewer
Oct 19, 2023
For organizations that are stable with their security operations, like those with around 50 members in their security team running full-phased operations 24/7, Cortex is necessary.
Read full review
CC
May 12, 2025
What I appreciate most about Palo Alto Networks Cortex XSOAR is that it is very open, even more so than Anomali.
Read full review
reviewer1469436 - PeerSpot reviewer
Sep 8, 2021
It has an extensive list of integrations that are available out of the box which makes it easy to start.
Read full review
Chetankumar Savalagimath - PeerSpot reviewer
May 15, 2021
The automation is excellent.
Read full review
DL
Jul 21, 2022
They have a portal where you can find any kind of integration that you need.
Read full review
Mostafa-Ahmed - PeerSpot reviewer
Oct 1, 2023
What I like most about Palo Alto Networks Cortex XSOAR is how user-friendly it is for development. It is much simpler to work with compared to similar tools I've used.
Read full review
Jasmin Surani - PeerSpot reviewer
Jan 3, 2024
The most valuable feature is its capability to automate responses and collect information for any security event before you even delve into the details. It's a vast product with an active roadmap, so I'm satisfied with it for now. It's very efficient at data collection and correlation.
Read full review
Show 10 more reviews (out of 47)
 

Palo Alto Networks Cortex XSOAR Cons review quotes

reviewer1714731 - PeerSpot reviewer
Nov 11, 2021
In terms of improvement, it needs to be more modular. It's not. When you're working in layouts and you create specific apps within layouts, there's no portability right now in order to reuse that code across multiple layouts. I can't take a tab and say I want to use this tab on these other layouts. I have to physically go in there and recreate it from scratch, which is maddening.
Read full review
NikhilSharma2 - PeerSpot reviewer
Aug 23, 2024
The user interface (UI) is quite heavy and takes time to load, which is a major drawback.
Read full review
Donald Keeber - PeerSpot reviewer
Feb 1, 2024
I would like to see Cortex become less dependent on Active Directory and group policies to manage the deployment. Maybe I need to update my understanding of how to deploy it, but that's the way I know how to use it.
Read full review
Buyer's Guide
Palo Alto Networks Cortex XSOAR
May 2025
Free Report: Palo Alto Networks Cortex XSOAR Reviews and More
Learn what your peers think about Palo Alto Networks Cortex XSOAR. Get advice and tips from experienced pros sharing their opinions. Updated: May 2025.
DOWNLOAD NOW
851,604 professionals have used our research since 2012.
Chetankumar Savalagimath - PeerSpot reviewer
Oct 19, 2023
Previously, when Demisto was, there was a community edition; we could use it, reinstall it, and customize it. Since Palo Alto took over, it has become more financially oriented. It's business, but they could offer a pro model and a lighter model for different needs.
Read full review
CC
May 12, 2025
One of the significant issues we encounter is system slowdown when we receive an influx of alerts, which inhibits how quickly we can access the information needed for investigation.
Read full review
reviewer1469436 - PeerSpot reviewer
Sep 8, 2021
I would love to see more flexibility on what we can display and design on the dashboards.
Read full review
Chetankumar Savalagimath - PeerSpot reviewer
May 15, 2021
When Palo Alto bought the solution, the pricing increased by 1.5 times. There's been a 50% increase, which is a lot.
Read full review
DL
Jul 21, 2022
It's only one cloud right now. It might be helpful for some companies to have an on-premies option.
Read full review
Mostafa-Ahmed - PeerSpot reviewer
Oct 1, 2023
It doesn't offer automatic internet reports out of the box.
Read full review
Jasmin Surani - PeerSpot reviewer
Jan 3, 2024
There is room for improvement in support. The response time could be faster.
Read full review
Show 10 more reviews (out of 46)

Product Categories

Product Categories
Security Orchestration Automation and Response (SOAR)
SOC as a Service

Popular Comparisons

Popular Comparisons
Microsoft Sentinel vs Palo Alto Networks Cortex XSOAR Logo
Microsoft Sentinel vs Palo Alto Networks Cortex XSOAR
IBM Security QRadar vs Palo Alto Networks Cortex XSOAR Logo
IBM Security QRadar vs Palo Alto Networks Cortex XSOAR
AWS Security Hub vs Palo Alto Networks Cortex XSOAR Logo
AWS Security Hub vs Palo Alto Networks Cortex XSOAR
Arctic Wolf Managed Detection and Response vs Palo Alto Networks Cortex XSOAR Logo
Arctic Wolf Managed Detection and Response vs Palo Alto Networks Cortex XSOAR
Splunk SOAR vs Palo Alto Networks Cortex XSOAR Logo
Splunk SOAR vs Palo Alto Networks Cortex XSOAR
Exabeam vs Palo Alto Networks Cortex XSOAR Logo
Exabeam vs Palo Alto Networks Cortex XSOAR
Sumo Logic Security vs Palo Alto Networks Cortex XSOAR Logo
Sumo Logic Security vs Palo Alto Networks Cortex XSOAR
Tines vs Palo Alto Networks Cortex XSOAR Logo
Tines vs Palo Alto Networks Cortex XSOAR
ThreatConnect Threat Intelligence Platform (TIP) vs Palo Alto Networks Cortex XSOAR Logo
ThreatConnect Threat Intelligence Platform (TIP) vs Palo Alto Networks Cortex XSOAR
ServiceNow Security Operations vs Palo Alto Networks Cortex XSOAR Logo
ServiceNow Security Operations vs Palo Alto Networks Cortex XSOAR
Fortinet FortiSOAR vs Palo Alto Networks Cortex XSOAR Logo
Fortinet FortiSOAR vs Palo Alto Networks Cortex XSOAR
NetWitness NDR vs Palo Alto Networks Cortex XSOAR Logo
NetWitness NDR vs Palo Alto Networks Cortex XSOAR
Torq vs Palo Alto Networks Cortex XSOAR Logo
Torq vs Palo Alto Networks Cortex XSOAR
Swimlane vs Palo Alto Networks Cortex XSOAR Logo
Swimlane vs Palo Alto Networks Cortex XSOAR
IBM Resilient vs Palo Alto Networks Cortex XSOAR Logo
IBM Resilient vs Palo Alto Networks Cortex XSOAR
See all alternatives

Product Categories

Product Categories
Security Orchestration Automation and Response (SOAR)
SOC as a Service

Popular Comparisons

Popular Comparisons
Microsoft Sentinel vs Palo Alto Networks Cortex XSOAR Logo
Microsoft Sentinel vs Palo Alto Networks Cortex XSOAR
IBM Security QRadar vs Palo Alto Networks Cortex XSOAR Logo
IBM Security QRadar vs Palo Alto Networks Cortex XSOAR
AWS Security Hub vs Palo Alto Networks Cortex XSOAR Logo
AWS Security Hub vs Palo Alto Networks Cortex XSOAR
Arctic Wolf Managed Detection and Response vs Palo Alto Networks Cortex XSOAR Logo
Arctic Wolf Managed Detection and Response vs Palo Alto Networks Cortex XSOAR
Splunk SOAR vs Palo Alto Networks Cortex XSOAR Logo
Splunk SOAR vs Palo Alto Networks Cortex XSOAR
Exabeam vs Palo Alto Networks Cortex XSOAR Logo
Exabeam vs Palo Alto Networks Cortex XSOAR
Sumo Logic Security vs Palo Alto Networks Cortex XSOAR Logo
Sumo Logic Security vs Palo Alto Networks Cortex XSOAR
Tines vs Palo Alto Networks Cortex XSOAR Logo
Tines vs Palo Alto Networks Cortex XSOAR
ThreatConnect Threat Intelligence Platform (TIP) vs Palo Alto Networks Cortex XSOAR Logo
ThreatConnect Threat Intelligence Platform (TIP) vs Palo Alto Networks Cortex XSOAR
ServiceNow Security Operations vs Palo Alto Networks Cortex XSOAR Logo
ServiceNow Security Operations vs Palo Alto Networks Cortex XSOAR
Fortinet FortiSOAR vs Palo Alto Networks Cortex XSOAR Logo
Fortinet FortiSOAR vs Palo Alto Networks Cortex XSOAR
NetWitness NDR vs Palo Alto Networks Cortex XSOAR Logo
NetWitness NDR vs Palo Alto Networks Cortex XSOAR
Torq vs Palo Alto Networks Cortex XSOAR Logo
Torq vs Palo Alto Networks Cortex XSOAR
Swimlane vs Palo Alto Networks Cortex XSOAR Logo
Swimlane vs Palo Alto Networks Cortex XSOAR
IBM Resilient vs Palo Alto Networks Cortex XSOAR Logo
IBM Resilient vs Palo Alto Networks Cortex XSOAR
See all alternatives
Related questions
  • 40
Which Do You Recommend, Phantom or Demisto?
  • 221
Which solution do you prefer: Microsoft Sentinel or Palo Alto Networks Cortex XSOAR?
  • 32
Which SOAR product has the better value: Palo Alto Networks Cortex XSOAR or Swimlane? Why?
  • 90
What are the Top 5 cybersecurity trends in 2022?
  • 2,234
What is the difference between SIEM and SOAR platforms?
  • 491
What is an incident response playbook and how is it used in SOAR?
  • 130
What are the latest trends in Security Operations Center (SOC)?
  • 48
What tools and solutions do you use for automated incident response in an enterprise in 2022?
  • 197
How to evaluate SIEM detection rules?
  • 111
Why a Security Operations Center (SOC) is important?