Palo Alto Networks Cortex XSOAR Reviews

We use Palo Alto as a firewall, a system for detecting and whitelisting certain IP addresses or to block certain IP addresses based on where they're coming from. We then send the logs to another log management tool for more forensics and analysis before we make a decision.

We're basically using Palo Alto for firewalling and sending those logs to another security monitoring tool to make decisions based on analytics that it provides us.

The solution is very reliable. The performance is great.

The scalability of the solution is excellent. 

We find the solution to be very robust. Palo Alto has been in the industry a long time and the solution reflects that.

The initial setup is very straightforward. It's not hard to deploy.

The solution is very expensive. They would get more clients if it wasn't so pricey.

I've been using the solution for about four years at this time. It's been a while. 

The solution is very reliable in terms of performance. It doesn't crash or freeze. There are no bugs or glitches.

The solution is extremely scalable. If a company needs to expand it, it can do so easily.

The technical support has been very good. Palo Alto is top of the line. They've been in the industry a long time and their support team reflects that knowledge. We are very satisfied with their level of support.

I also work with Fortinet. We've used them for around the same amount of time.

We found the initial setup to be quite straightforward. It's not hard to do. A company shouldn't have too much of a problem getting it up and running.

I cannot speak to the exact cost of the solution or how much our organization pays.

However, it is my understanding that the product is extremely expensive.

I'm not sure which version of the solution we're using at this time.

I'd rate the solution at an eight out of ten. We've been quite pleased with its capabilities. The only thing is it is pretty expensive.

I'd recommend other users work both with Palo Alto and Fortinet. They are great together. They compliment each other nicely.

I primarily pitch and sell this solution to our customers. We do product assessments and consult with customers for the most part.

Clients can use it for automation. 

The solution has very good integration capabilities. It's really the best at integration. Inside every integration, there are certain commands which we can call upon, which makes it very useful as a product.

The automation is excellent. 

The product is very robust.

With this solution, we can do dynamic remediation.

It's a product that is constantly upgrading and improving.

It's a user-friendly solution.

Technical support is very helpful and responsive.

We'd like to be able to add as many integrations as possible. We would like more options for our clients. 

A few times, I have noticed some bugs. That may be due to the fact that they are consistently upgrading the product. With new releases, a few bugs might get through.

The solution is expensive. They should work to make it less costly for the customer.

I've been working with the solution for the past five years or so at this point. It's been a while. 

There are a few bugs here and there when new releases happen. We've used it from version four all the way to version six and have dealt with a few bugs, however, that is expected. That's always some in any products. It's fine for us.

Mostly, the stability is okay. The integration keeps on triggering every time. It has jobs that are learning all the time. It's based on completely API integrations. As long as there is compatibility, the solution is pretty available. It is always ready to go.

We haven't tried to scale, however, as per the technical documents which I have read, it should be understood by the customer before it is deployed. It all depends on how many integrations or how many triggering points a company has. You need to have an idea of the scope. Remediation can take a minute or two, however, it will still be possible. There isn't too much of a concern for scaling right now.

We have one or two customers using the solution for their own purposes. We are consulting with two more customers. We do plan to increase usage in the future. 

We've dealt with technical support in the past. They're 100% responsive and they have a lot of channels in which to talk to them. You can always get a hold of them and they are very knowledgeable. We are quite satisfied with their level of support.

Initially, we found the implementation to be a bit difficult. However, now we have done it quite a few times for clients, and we find it to be very straightforward and simple. You get used to the process. You learn how to do it. It's simple.

We implement the solution for our clients as consultants. 

The licensing is paid on a yearly basis. It is quite expensive. 

When Palo Alto bought the solution, the pricing increased by 1.5 times. There's been a 50% increase, which is a lot. 

We are a partner for Palo Alto. I have been certified with them. I did certifications around their certificates when they were Demisto, however, right now, we are Palo Alto partners.

It's not a SIEM product, however, it's a next-gen automation platform for SIEM SOC services.

I'd advise companies considering the solution to assess the existing environment before they go ahead and choose something. This solution is basically built for a vast organization or a medium and big organization. Smaller organizations have other options which are available to them that might be more appropriate. 

Companies should assess the product before it's brought on, as the cost is high. Businesses need to check their budget around that, and whether it will be flexible or not. 

It's also important to have a proper engineering and design team to implement that product.

I'd rate the solution at a nine out of ten overall.

We automate security processes, particularly SOC automation, for our clients using Cortex XSOAR. We implement these processes for major companies in Portugal.

Cortex XSOAR's playbook for incident management and automation is highly valuable. We develop Playbooks automation, centralize incident data, and try to enhance the efficiency of resolving incident cases. The platform's features focus on closing the incident lifecycle more quickly, managing incidents efficiently, and integration capabilities across security infrastructure.

The price of the solution could be lower. Companies utilizing this solution should have a well-developed cybersecurity team to maximize its benefits. It is more suited for large organizations rather than small or medium-sized companies.

We have been using Cortex XSOAR for three years.

The stability is rated eight out of ten, indicating it's quite stable without major issues.

Scalability is rated nine, reflecting its ability to scale effectively.

Our team has more experience with the solution than Palo Alto's technical support. Our experience initially showed that the Palo Alto implementation was not optimal, but this has improved over time.

Neutral

We previously used Fortinet. We have now shifted focus to Palo Alto, specifically relying on the Cortex XDR and Cortex XSOAR solutions.

The initial setup of Cortex XSOAR is simple.

Our internal team has been pivotal in implementing and solving issues with the solution.

The price of the solution is high and not justifiable for small or medium-sized companies without a developed cybersecurity team.

We moved from a primary focus on Fortinet to Palo Alto.

I would rate the overall solution eight out of ten as it is considered top-notch in the market. It is highly recommended, however, better suited for organizations with mature cybersecurity teams.

We use the solution for incident orchestration.

The solution helps us with incident analysis.

The solution has the best processing and incident analysis features.

The solution's price could be better. Also, they should provide integration with machine learning and artificial intelligence platforms.

We have been using the solution for seven months.

I rate the solution's stability an eight out of ten.

I rate the solution's scalability a ten out of ten.

The solution's technical support team is good.

Positive

The solution's initial setup process is easy. We implement it on the cloud and premises.

The solution generates a good return on investment.

The solution's pricing needs improvement.

I recommend the solution to others and rate it a ten out of ten.

I'm currently evaluating XSOAR to see what the solution can do. I'm playing around with the various features. 

The drag-and-drop interface enables analysts with no programming knowledge to create playbooks easily. 

XSOAR could have more integration options. 

I have used XSOAR for two months.

XSOAR is stable. 

Setting up XSOAR is straightforward and takes about 30 minutes. It doesn't require any special technology to implement it in any architecture.  You create a virtual machine, move the file to it, launch the installer, and let it run. It doesn't require any complex tasks. 

I rate Palo Alto Networks Cortex XSOAR nine out of 10. 

Our clients use it in our managed service platform, in our cloud. We also provide solutions to our clients on Service Cloud and XDR.

The advanced security capabilities and the automation available with the solution are the most valuable solution. Moreover, the scalability and ease of management are additional benefits.

There is room for improvement in terms of the pricing model. 

We've been selling and working with it for eight years.

It is a stable solution. I would rate stability a ten out of ten. 

It is a scalable solution. I would rate scalability a ten out of ten. Our clients are enterprise businesses. 

The customer support is good. 

Positive

Since we handled the installation ourselves in our environment, it's really easy for us to install.

It may not be the easiest installation, especially when configuring agents with specific functionalities. But the initial setup is relatively easy. Maintenance is ongoing. It's always required to ensure the system runs smoothly.

The deployment process really depends on the client. It varies based on the complexity of the deployment. Each time is different. It could take anywhere from a few days to a week.

We probably have around six people involved in the process. When it comes to setup, it's all about proper planning and understanding the client's specific needs and requirements for the service.

I would rate pricing a seven out of ten, where one is a low price, and ten is a high price. We use the annual subscription. There are no additional costs.

I would advise them to explore the extensive features it offers in terms of organization and remediation. It's important to consider its seamless integration with other platforms and the wide range of services and products provided by the company.

Overall, I would rate the solution a nine out of ten because the product offers a comprehensive network and cloud solution. We can provide clients with a complete end-to-end solution through a single vendor.

We use the solution to create playbooks for all the operational programs.

The solution's integration with non-security solutions will be helpful.

We have been using the solution for almost two years now.

The solution is stable. I rate its stability an eight.

I rate the solution's scalability as an eight. It is complex to scale.

The solution's technical support team takes longer to reply to the queries.

Neutral

The solution's initial setup process is straightforward.

The solution's cost is reasonable. I rate its pricing as a five.

I rate the solution an eight.

I work for a company, and we provide support and complete end-to-end management of the product for our customers who hold the product.

Over thirty users are currently using Palo Alto Networks Cortex XSOAR in your organization. The role is inclusive, like administrator and engineer.

According to Gartner, it's a leader in NID. Customers are investing more in it, and that's why we are using the product.

The dashboard performance could be improved.

Another area of improvement is a support team. Moreover, we need to pay for modifying anything with scripting in terms of customization. It can be a challenge if the person isn't 100% good with scripting.

I have been using this solution for around four years and currently use the latest version.

It is a stable solution. I would rate it a nine out of ten.

It is quite scalable. I would rate it a ten out of ten.

Customer support could be better.

Neutral

For maintenance, two or three engineers are involved.

We use the yearly subscription.

Overall, I rate the solution a nine out of ten.

Our company uses the solution for security management and threat response. 

Many different playbooks are available and can be customized. 

Integrations with other applications are challenging and need to be improved. 

Reports or issues are often duplicated. 

The solution requires DV but does not support open-source DV elastic searches. 

I have been using the solution for seven months. 

The solution has stability issues from the performance side and often duplicates reports or issues.

The solution is not a Palo Alto product so technical support is inadequate. 

There is not a big focus on support for the solution so it takes a lot of time to receive responses for issues. 

The setup might not be easy because it requires official customers. 

Our company received technical support during installation.

The solution is based on an annual licensing model that is expensive. 

The solution is a good product that would be even better if technical support is improved and prices are discounted. 

Support is very important because there is a lot of follow up after implementations to properly manage changes and issues. 

I rate the solution a six out of ten. 

It is a help desk ticketing tool. It's a sought platform, however, it is just a help desk ticketing tool.

It was useful as a ticketing tool. However, it's been discontinued. 

It doesn't have any integrations. It lacks multiple integrations. 

It is been decommissioned by Palo Alto. There's no more trying to support it. There will be no more additional items added.

The initial setup was complex.

I've been using the solution for a year or more. 

The stability is not there. 

I'm not sure how scalable the solution is.

I can't speak to technical support's capabilities. I don't have much experience with them. 

The setup has a bit of complexity. I'd rate the complexity five out of five. 

I'm not sure how long the deployment took.

We were a reseller. 

I'm not sure which version of the solution we're using. It might be behind a version or two. Demisto has been purchased by Palo Alto. There's a difference in versions between the organizations. The latest version is not defined by the organization.

Potential users should not purchase this product. They decommissioned the product, and it is now at end of life. 

I'd rate the solution three out of ten. It was sold to another company and decommissioned.