We performed a comparison between Cortex XDR by Palo Alto Networks and Cisco SecureX based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cortex XDR presents an intuitive interface, advanced identification of risks, expandability, and compatibility with various other solutions. Cisco SecureX earns high marks for its automated utilities, comprehensive visibility, and seamless integration with external resources. Meanwhile, Cortex XDR could use enhancements in hard disk encryption, security integration, and customer education. Users say Cisco SecureX needs better documentation and integration with on-premises systems. It would also benefit by expanding its compatibility with third-party solutions.
Service and Support: Some customers were impressed with Palo Alto’s support, while others reported mixed experiences. Some users describe Cisco support as dependable and efficient, while others noted a decline in quality due to personnel changes.
Ease of Deployment: Some users thought Cortex XDR’s deployment was fast and straightforward, while others consider it to be a complex and time-consuming task that requires thorough planning. Setting up Cisco SecureX is generally considered to be straightforward in cloud environments, but it requires more effort to integrate the solution with on-premise products.
Pricing: Some reviewers said Cortex XDR is expensive, but others said it was reasonable for the robust feature set Cortex offers. A few users said Cisco SecureX’s price could be lower, given that it is included for free with certain Cisco products.
ROI: Cortex XDR creates value by ensuring system and data security rather than a financial return on investment. Cisco SecureX provides a positive ROI by speeding up detection and resolution. It also decreases workloads through automation and proactive information gathering.
Comparison Results: Our users prefer Cortex XDR over Cisco SecureX. Cortex XDR stands out for its comprehensive platform and valuable features. Users praised its ease of use, threat identification capabilities, and minimal hardware resource consumption.
"I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."
"Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing."
"The summarization of emails is a valuable feature."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"The timeline feature is excellent. I also like the phishing simulation. We have phishing campaigns to educate employees and warn them about these threats."
"Advanced hunting is good. I like that. We can drill down to lots of details."
"The threat intelligence is excellent."
"The most beneficial feature of Cisco SecureX for cybersecurity efforts is its integration with other Cisco solutions and the environment. This sets it apart, as its APIs and overall integration capabilities are very strong. Additionally, its detection capabilities are commendable."
"The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever."
"SecureX enables us to have all the threat intelligence and threat event data in one place."
"Using SecureX, a tool provided by Cisco, we can easily integrate it with many of our other Cisco products such as Cisco ISE and many networking devices."
"The automation and orchestration tools are the most valuable features."
"SecureX takes all the separate pieces of security within your company, adds in intelligence from different sites and services on the internet, and makes them work together."
"Our customers find the product's third-party integrations valuable. Our customers are also impressed with the tool's capability to pick up third-party threat feeds and use that as part of the decision-making process."
"The ability to create firewalls online has been most valuable including the ability to create rules."
"Stability is a primary factor, and then there's the ease of distribution and policy management."
"If the user leaves our premises or network, Palo Alto Traps will still be on that endpoint and will still apply our policies."
"It integrates well into the environment."
"The initial setup is pretty easy."
"The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind."
"Since they've done their most recent update, the ease to isolate endpoints is valuable. If we find one where there is a virus on it, we can easily isolate it. We don't even have to contact the user. We don't have to manually take them off the network. We can easily isolate them."
"It can automatically correlate events and logs, which is very helpful for an IT administrator. It can correlate different kinds of malware activities over a network, agent, or host system. You do not need to do it manually. It is a good feature. It is also a user-friendly solution. We have deployed it on the cloud because our space does not provide any flexibility for on-premises deployment, but Palo Alto has added some flexibility to install it on-premises. It must be like the same Cortex XDR agent for all the VPN services, web filtering services, and everything else."
"Its interface and pricing are most valuable. It is better than other vendors in terms of security."
"The price should be adjustable by region."
"There could be a way to proactively monitor unusual activity ."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"The advanced threat-hunting capabilities are phenomenal, and the security copilot enhances that, but some data elements could be better or have more context inside of the advanced tables themselves. The schemas feel a little limited to what they're building into the product. It's probably just a maturity thing. I imagine we'll see the features I want in the next year."
"When we do investigations, it would be better if Microsoft could populate the host dashboard more. When we open any host for investigation, we want the entire timeline of what is happening on the host, including all the users logging in, their hardware, Windows version, etc."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"I'm not sure that I would call it a bug, but sometimes the solution is a little slow."
"I would like it to integrate with another solution, e.g., DNA. I would like it to connect to that solution, but not the security aspect."
"Remediation stuff could be integrated into the product's automation."
"what's missing right now is the multi-tenant capability."
"For us, the biggest sticking point is that the product is not being designed for multi-tenancy use at present, from an MSP perspective."
"The documentation can be improved and the on-prem integration. The set of applications that it was integrated with wasn't comprehensive."
"The automation and orchestration could be simpler. It could be that all the other parts are that easy to use so that these stick out as a negative, but that's the trickiest part for us. The workflows within the orchestration are just a bit more difficult."
"They could expand into more areas. The more third-parties that we have tied into it, the better. The capabilities are there. As they just continue to involve the product, the more things that you can look into, then the more analytics that you can get. Also, the more data that we can get, then the better off we will be."
"There are a large number of false positives."
"It is not easy to sell Cortex XDR, not because it isn't a good tool. Its marketing needs to be improved."
"It would be better if they could educate the customers more. Some sort of seminars and roadshows will help educate the customers and show what the product can do. The price could be better. It would also help if they had a team for deployment and support."
"The tool needs to be improved in terms of integration and interface."
"It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc."
"Being able to filter the events to see those that are related to the actual alert would save time spent by the engineer."
"They have the worst support, as a company, that I have ever worked with, as they are difficult to get a hold of and keep on the phone. They don't know what they are talking about when you get them on the phone. They don't like to respond to messages when you send them to them. They like to "research problems" for weeks on end, then pass you off to somebody else."
"The solution could improve by providing better integration with their own products and others."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cisco SecureX is ranked 14th in Extended Detection and Response (XDR) with 13 reviews while Cortex XDR by Palo Alto Networks is ranked 4th in Extended Detection and Response (XDR) with 80 reviews. Cisco SecureX is rated 9.0, while Cortex XDR by Palo Alto Networks is rated 8.4. The top reviewer of Cisco SecureX writes "Gives our customers visibility and they don't have to go multiple management consoles anymore". On the other hand, the top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". Cisco SecureX is most compared with Trend Vision One, Splunk SOAR, Cisco Secure Network Analytics, Fortinet FortiSOAR and Wazuh, whereas Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Trellix Endpoint Security. See our Cisco SecureX vs. Cortex XDR by Palo Alto Networks report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.