We performed a comparison between Palo Alto Networks Advanced Threat Prevention and Vectra AI based on real PeerSpot user reviews.
Find out in this report how the two Intrusion Detection and Prevention Software (IDPS) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Edge protection is a valuable feature."
"The most valuable features are the simplicity, transparency, and overall ease of management."
"One of the most valuable features is the anti-malware protection."
"I find the malware protection very handy."
"The user interface is a bit more professional than some free products."
"The most valuable features are that it's user-friendly, has interesting features, URL filtering, and threat prevention."
"Palo Alto Networks Threat Prevention is the market leader as far as security gateways and endpoint protection. Additionally, the threat database that is used is one of the best."
"We are currently using the URL filtering feature, which is the most popular."
"It has reduced the time it takes to respond to attacks. That comes back to the proactive point. It makes us able to lower down in the kill chain, we can react now, rather than reacting to incidents that happened, we can see an instant, in some cases, as it's being implemented, or as it's being launched."
"The automatic filtering that they provide is valuable. The logic inside that makes some detections instead of us is very useful. We are confident that if we are just looking into it and there is nothing, nothing could happen."
"Vectra produces actionable data using automation. That has helped us. It's less manpower now to look at incidents, which has definitely increased efficiency. Right now, in a lot of cases, our mean time to detection is within zero days. This tells me by the time something happened, and we were able to detect it, it was within the same day."
"Vectra is very compatible with various cloud providers, such as Amazon and Azure AD. This is helpful as customers often migrate their network infrastructure to the cloud."
"One of the most valuable features is all the correlation that it does using AI and machine learning. An example would be alerting on a host and then alerting on other things, like abnormal behavior, that it has noticed coming from the same host. It's valuable because we're a very lean team."
"It provides various dashboards that facilitate the identification of connections and can detect data exfiltration, meaning data sent from your environment to another."
"The most valuable feature for Cognito Detect, the main solution, is that external IDS's create a lot of alerts. When I say a lot of alerts I really mean a lot of alerts. Vectra, on the other hand, contextualizes everything, reducing the number of alerts and pinpointing only the things of interest. This is a key feature for me. Because of this, a non-trained analyst can use it almost right away."
"It does a reliable job of parsing out the logs of all the network traffic so that we can ingest them into our SIEM and utilize them for threat hunting and case investigations. It is pretty robust and reliable. The administration time that we spend maintaining it or troubleshooting it is very low. So, the labor hour overhead is probably our largest benefit from it. We spend 99% of our time in Vectra investigating cases, responding to incidents, or hunting, and only around 1% of our time is spent patching, troubleshooting, or doing anything else. That's our largest benefit from Vectra."
"Right now we are focusing on email. If Palo Alto can increase the features related to email filtering and the new malware, it would help us protect our systems."
"In terms of what needs improvement, the only thing I don't like is the support."
"Palo Alto Networks Threat Prevention could improve the commercial offing. Other solutions, such as Fortinet provide better commercial features."
"Mission learning techniques should continue to expand and detect unknown threats on the fly."
"In Africa, the technical support is probably not as good as in Europe and the USA because it's a specific premium support, partner-enabled premium support and all of that. But it's really good, I don't really have any complaints, it's fairly good. I'll give them 80%."
"The pricing has improved with the newer generation of their Firewalls, but the price could always be lower. In comparison with other solutions, I believe they're quite competitive."
"The documentation needs to be improved. I need better information about how to configure it and what the best practices are."
"The application’s pricing and dashboard need improvement. It could be user-friendly."
"The solution has not reduced the security analyst workload in our organization because we still need to SIEM. Unfortunately, while Vectra, for us, is a brilliant tool for network investigations, giving wonderful visibility, it doesn't go the whole way to replace our SIEM that is needed for compliance. So, I still have the same amount of alerting and logging that I did before. It gives us more defined ability to see incidents, but it doesn't give us enough information to satisfy a PCI or 27001 audit."
"In comparison with a lot of systems I used in the past, the false positives are really a burden because they are taking a lot of time at this moment."
"The solution's marketing is not good."
"The solution needs to become more proactive. When Vectra AI is the primary solution in an environment - like it is in our case - you must work on response time. We have a small team so response time at endpoint level is vital."
"An area for improvement in Vectra AI is reporting because it currently needs some details. For example, when you download a report from Vectra AI, you won't see complete information about the alerts or triggers. Another area for improvement in the tool is that sometimes, an alert has high severity, yet it's marked as low severity. Vectra AI should have a mechanism to change the severity level from low to high or critical."
"The UI/UX and detection could be improved. More detections of specific security events could be useful. We've had a few incidents that were not detected by Vectra. The teams are working on it right now, but more detection is always better."
"The main improvement I can see would be to integrate with more external solutions."
"One area where there's room for improvement is the absence of a comprehensive TCP recording and replay feature."
More Palo Alto Networks Advanced Threat Prevention Pricing and Cost Advice →
Palo Alto Networks Advanced Threat Prevention is ranked 7th in Intrusion Detection and Prevention Software (IDPS) with 24 reviews while Vectra AI is ranked 2nd in Intrusion Detection and Prevention Software (IDPS) with 42 reviews. Palo Alto Networks Advanced Threat Prevention is rated 8.8, while Vectra AI is rated 8.6. The top reviewer of Palo Alto Networks Advanced Threat Prevention writes "A good amount of granularity and advanced URL filtering capabilities". On the other hand, the top reviewer of Vectra AI writes "Integrates well with other security solutions and provides good technical support". Palo Alto Networks Advanced Threat Prevention is most compared with Check Point IPS, Fortinet FortiGate IPS, Arista NDR, Trend Micro TippingPoint Threat Protection System and Cisco Secure Network Analytics, whereas Vectra AI is most compared with Darktrace, ExtraHop Reveal(x), Cisco Secure Network Analytics, Arista NDR and Check Point IPS. See our Palo Alto Networks Advanced Threat Prevention vs. Vectra AI report.
See our list of best Intrusion Detection and Prevention Software (IDPS) vendors.
We monitor all Intrusion Detection and Prevention Software (IDPS) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.