We performed a comparison between Cortex XDR By Palo Alto Networks and Microsoft Defender for Cloud based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The main difference between the two solutions is that Cortex XDR users say the solution is expensive while Microsoft Defender for Cloud users consider the solution to be fairly priced.
"The product's initial setup phase is very easy."
"NGAV and EDR features are outstanding."
"The price is low and quite competitive with others."
"This is stable and scalable."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The features that I have found most valuable are the ability to customize it and to reduce its size. It lets you run in a very small window in terms of memory and resources on legacy cash registers."
"Forensics is a valuable feature of Fortinet FortiEDR."
"Ability to get forensics details and also memory exfiltration."
"The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind."
"I've found the solution to be highly scalable for enterprises."
"The tool's use cases are relevant to security."
"Cortex XDR can integrate the firewalls and determine the tendencies of the attacks. It's a new generation antivirus, with protection endpoints and detection response. It is very easy to use and everybody can operate the solution."
"They did what they said. This solution could apply to any scenario."
"One of the things that I enjoy the most is using policy extensions. It's like having host firewalls to control USB connections. I think it's a wonderful tool to restrict use when connecting to our computers. Another important tool is Home Insights. That is an add-on to the Cortex solution. I like that because we can see all the vulnerabilities in the environment and control what assets are connected to our network."
"The solution allows control over the user and his machine through Cortex XDR security policies."
"Cortex XDR is a very capable solution for protecting large networks and a lot of endpoints. It's very useful because the automation is very high, and if you combine it with the features on Palo Alto firewalls, it provides very strong protection."
"The most valuable features of this solution are the vulnerability assessments and the glossary of compliance."
"The first valuable feature was the fact that it gave us a list of everything that users were surfing on the web. Having the list, we could make decisions about those sites."
"The product has given us more insight into potential avenues for attack paths."
"The security policy is the most valuable feature for us. We can go into the environment settings and attach any globally recognized framework like ISO or any benchmark."
"It has seamless integration with any of the services I mentioned, on Azure, such as IaaS platforms, virtual machines, applications, or databases, because it's an in-house product from Microsoft within the Azure ecosystem."
"Defender for Cloud is a plug-and-play solution that provides continuous posture management once enabled."
"With respect to improving our security posture, it helps us to understand where we are in terms of compliance. We can easily know when we are below the standard because of the scores it calculates."
"The vulnerability reporting is helpful. When we initially deployed Defender, it reported many more threats than we currently see. It gave us insight into areas we had not previously considered, so we knew where we needed to act."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"ZTNA can improve latency."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"The solution is not stable."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"Detections could be improved."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"The encryption is not up to the mark."
"Cortex XDR by Palo Alto Networks can improve mobile integration to allow access to the console."
"The connection to the internet has not performed as expected."
"Although I would say this product is highly-rated, it could probably do more because nothing does everything that you want."
"The solution should offer more dashboards and they should be better customized."
"Managing the product should be easier."
"There are some third-party solutions that are difficult to integrate with, which is something that can be improved."
"The price could be a little lower."
"It needs to be simplified and made more user-friendly for a non-technical person."
"Agent features need to be improved. They support agents through Azure Arc or Workbench. Sometimes, we are not able to get correct signals from the machines on which we have installed these agents. We are not able to see how many are currently reporting to Azure Security Center, and how many are currently not reporting. For example, we have 1,000 machines, and we have enrolled 1,000 OMS agents on these machines to collect the log. When I look at the status, even though at some places, it shows that it is connected, but when I actually go and check, I'm not getting any alerts from those. There are some discrepancies on the agent, and the agent features are not up to the mark."
"We would like to have better transparency as to how the security score is calculated because as it is now, it is difficult to understand."
"Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research."
"I would like to see better automation when it comes to pushing out security features to the recommendations, and better documentation on the step-by-step procedures for enabling certain features."
"From my own perspective, they just need a product that is tailored to micro-segmentation so I can configure rules for multiple systems at once and manage it."
"Microsoft can improve the pricing by offering a plan that is more cost-effective for small and medium organizations."
"Another thing that could be improved was that they could recommend processes on how to react to alerts, or recommend best practices based on how other organizations do things if they receive an alert about XYZ."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cortex XDR by Palo Alto Networks is ranked 4th in Endpoint Protection Platform (EPP) with 80 reviews while Microsoft Defender for Cloud is ranked 3rd in Cloud Workload Protection Platforms (CWPP) with 46 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and ESET Endpoint Protection Platform, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Check Point CloudGuard CNAPP. See our Cortex XDR by Palo Alto Networks vs. Microsoft Defender for Cloud report.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.