We compared Cortex XDR by Palo Alto Networks and Darktrace based on our users’ reviews in four categories. After reading the collected data, you can find our conclusion below.
Comparison of Results: Based on the parameters we compared, Cortex XDR by Palo Alto Networks seems to be the superior solution. Our reviewers feel that because Darktrace is lacking where security is concerned, Cortex XDR is a better investment.
"The product's initial setup phase is very easy."
"The stability is very good."
"The console is easy to read. I also like the scanning part and the ability to move assets from one to the other."
"It is stable and scalable."
"The most valuable feature is the analysis, because of the beta structure."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"Ability to get forensics details and also memory exfiltration."
"Forensics is a valuable feature of Fortinet FortiEDR."
"Its ability to react to cyber data attacks is awesome. That is pretty much the use of it. What blows your mind is the ability to access your assets remotely and see what is actually going on with them. You can not only see them in a console. You can also react very rapidly to your assets that are compromised."
"The solution is a new generation XDR that has a lot of artificial intelligence modules."
"The solution doesn't need a high level of technical training."
"The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly. The way they have done everything and integrated all the solutions that they've purchased over the years to make it a very seamless, effective product is very good. One thing about Palo Alto is that they take the products or services that they purchase and make them seamless for the end user as compared to some companies that purchase other companies and then just kind of have their products off to the side or keep different interfaces. Palo Alto doesn't do that."
"The most valuable feature of Cortex XDR by Palo Alto Networks is its machine-learning capabilities. Additionally, there is full integration with other solutions."
"From a single pane of glass, you can easily manage all of your endpoints."
"Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful."
"The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind."
"I have found the automation and AI features to be valuable. If someone were to come in to the office at midnight and log in, Darktrace would flag it."
"The most valuable feature is that it works autonomously."
"The AI-based pattern is the most valuable feature."
"The solution is stable. We've never had any problems with it."
"The Antigena feature is most valuable. Once it learns your environment, Antigena can step in and block a denial of service attack, a ransomware attack, or just about anything that doesn't belong in the environment. It can detect any type of attack that hits the environment because it understands what normal looks like for the network. It is very useful for an autonomous response."
"The models, triggers, and alerts are customizable."
"I like the dashboards, which are cool. They are more user-friendly, in my experience. Its learning capabilities are really good."
"I am impressed with the product's ability to give insights into network traffic."
"Detections could be improved."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"They can include the automation for the realtime updates. We have a network infrastructure with remote sites. Whenever they send updates, they are not automated. We have to go into the console and push those updates. I wish it was more automated. The update file is currently around 31 MB. It could be smaller."
"We'd like to see more one-to-one product presentations for the distribution channels."
"The dashboard isn't easy to access and manage."
"The support needs improvement."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"We find the solution to be a bit expensive."
"Cortex does not offer an on-premises solution. However, some customers would prefer not to be on the cloud. It would be ideal if it could offer something on-prem as well."
"We have found that there are times Cortex XDR by Palo Alto Networks does not detect some of the viruses, we have to use another protection solution called Kaspersky."
"The tool needs to be improved in terms of integration and interface."
"The solution could improve by providing better integration with their own products and others."
"We had a problem with getting our older endpoints up to date, but their newest updates have been really good. I've been pleased with it in terms of what our needs are. It's doing what we want it to do."
"It's more focused on network communication. If a customer wants to increase the level of protection and start working with documents, it's impossible to integrate these features into the system. It's more of a communication-oriented system than a content security-oriented system."
"They have the worst support, as a company, that I have ever worked with, as they are difficult to get a hold of and keep on the phone. They don't know what they are talking about when you get them on the phone. They don't like to respond to messages when you send them to them. They like to "research problems" for weeks on end, then pass you off to somebody else."
"It's very time-consuming to log support issues and the people that answer the tickets aren't very knowledgeable."
"They just need to work on their price. In terms of features, we are trying to understand all the features that we have. We're still exploring everything that we have so that we can fully utilize it. At this point in time, it is not about the features. It is more about utilization. We're just trying to utilize everything to full capacity."
"The program is quite expensive."
"I believe their network monitoring device licensing module could use some improvement."
"One thing that I would like to look at going forward is to have a fully automated network infrastructure that is monitored automatically real-time, and that gives me this kind of capability where I would be able to look at my network at any given time and see the state of my network. With Darktrace, at the moment, I have to almost put in a date and tell them that want you to give me data from this date to this date. I don't want that. I want a fast solution in which it doesn't matter when I log into the application. Whenever I log in, I must be able to see my network and run a report. In other words, if I go in now and I say, "Give me a full report of what happened today, it must be able to give me that. It mustn't just be limited to a seven-day period, for argument's sake. It must be able to give me real-time and day-to-day tracking of what has happened within my network."
"The pricing model is a little too high and could be more flexible."
"In an upcoming release, there could be more customizable playbooks or a library of playbooks to choose from."
"The module can improve so that every time it's more intelligent."
"This is quite an expensive product so the pricing is something that can be improved."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cortex XDR by Palo Alto Networks is ranked 4th in Endpoint Protection Platform (EPP) with 80 reviews while Darktrace is ranked 11th in Email Security with 65 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Darktrace is rated 8.2. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Symantec Endpoint Security, Trellix Endpoint Security and Check Point Harmony Endpoint, whereas Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cisco Secure Network Analytics and ExtraHop Reveal(x).
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.