We performed a comparison between Cortex XDR by Palo Alto Networks and Trend Micro XDR based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cortex XDR presents an intuitive interface, advanced identification of risks, expandability, and compatibility with various other solutions. Meanwhile, Cortex XDR could use enhancements in hard disk encryption, security integration, and customer education. Trend Micro XDR is commended for its holistic approach to preventing, real-time visualization, and ability to prioritize network-based detection and response. Trend Micro XDR should improve integration, overhaul its web interface, and strengthen its business relationships.
Service and Support: Some customers were impressed with Palo Alto's support, while others reported mixed experiences. Some customers have found Trend Micro’s customer service to be helpful and responsive, while others have encountered challenges with technical support in complex situations.
Ease of Deployment: Some users thought Cortex XDR’s deployment was fast and straightforward, while others consider it to be a complex and time-consuming task that requires thorough planning. The initial setup of Trend Micro XDR is straightforward and fast, but it may require the involvement of several technical professionals.
Pricing: Some reviewers said Cortex XDR is expensive, but others said it was reasonable for the robust feature set Cortex offers. Some reviews noted that Trend Micro XDR might be too costly for small organizations, but others found the price reasonable.
ROI: Cortex XDR creates value by ensuring system and data security rather than a financial return on investment. Trend Micro XDR delivers value through automation. Its efficient alerts ensure timely threat detection and prevention.
Comparison Results: Our users prefer Cortex XDR over Trend Micro XDR. Cortex XDR offers a robust and user-friendly platform with advanced features like threat identification and detection and seamless integration with other solutions. Users appreciate the simplicity and efficiency of its installation process. Trend Micro XDR falls short in terms of integration capabilities and receives mixed reviews regarding technical support.
"We are connected to Microsoft and have every laptop enrolled. This acts as an endpoint. The tool helps me check security and compliance. I can also check what a device is doing."
"The summarization of emails is a valuable feature."
"Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and potential indicators of compromise."
"The portal is quite user-friendly. There is integration with Office, Intune, and other products from the same portal. From there, we can see which policies are installed on a particular machine. We also can manage devices, groups, and tagging."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"The solution is well integrated with applications. It is easy to maintain and administer."
"It blocks malicious files. It prevents attacks. It doesn't require many updates, it's a very light application."
"Monitoring is most valuable."
"Cortex XDR lets us manage several clients from the same console, and its endpoint defense is more advanced than traditional antivirus."
"Cortex XDR is a simple platform that's easy for administrators and users. You have a lot of flexibility to change or customize the features."
"Its ability to react to cyber data attacks is awesome. That is pretty much the use of it. What blows your mind is the ability to access your assets remotely and see what is actually going on with them. You can not only see them in a console. You can also react very rapidly to your assets that are compromised."
"The most valuable feature is that you can select remote access of any machine for sandboxing."
"They did what they said. This solution could apply to any scenario."
"One of the main benefits of the solution is its intelligence to correlate the events into an incident."
"We've found the pricing to be reasonable."
"Trend Micro XDR is stable, scalable, and reasonably priced."
"I appreciate the value of real-time activity monitoring."
"The solution is very easy to use."
"The most important thing for us as a customer is that we can spend more time in other places as it's simpler to have that overview. We have much more time for other tasks."
"I like that it is a comprehensive security solution with a lot of features. You can say XDR is an end-to-end security solution with endpoint security. It includes all your servers, networks, and other devices. The endpoint security solution does not cover this. Plus, machine learning and features like that are the main things in XDR solutions."
"We had a quick deployment. The solution is easy to set up."
"I like Vision One's observed attack techniques feature. It lets you see what an attacker is doing, how they have tried to exploit a machine, or how malicious code is operating. It helps us discover indicators of compromise so we can write better rules for detection."
"There is definitely scope for improvement in the automation area. Because the solution is a SaaS platform, we don't have the overall ability to automate stuff.... There is no direct way to go ahead because it's a SaaS platform."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"Just like in any solution, the price can always be cheaper."
"The price should be adjustable by region."
"There is a severe gap in functionality between Windows, Linux, and Mac versions. For example all folder restriction settings are Windows only. Traps 5.0+ does not have SAML / LDAP integration."
"It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue."
"The licensing model is complex to understand. It requires expertise to explain how the licensing works. You need expertise to guide you through the subscription plan."
"They've been having some issues with updating their endpoint agents, and it has been quite frustrating."
"Cortex XDR by Palo Alto Networks could improve by offering remote management. It would be useful to look at the client's issue to fix it."
"In an upcoming release, the solution could improve by proving hard disk encryption. If it could support this it would be a complete solution."
"The solution lacks real-time, on-demand antivirus."
"There are some default policies which sometimes affect our applications and cause them to run around. In the hotel industry, we use a different type of data versus Oracle and SQL. By default, there are some policies which stop us from running properly. Because of this, the support level is also not that strong. We have to wait to get a results."
"A room for improvement in Trend Micro XDR is more visibility into the alerts. We do get alerts from the solution, but when we are away, we need to have more visibility."
"While blocking an IP address restricts access for 30 days, it eventually becomes accessible again."
"When you deploy these tools from Trend Micro, the integration and getting them to work together, are among the more difficult pieces of the puzzle. But when you get that set up and working, you're glad you did."
"The zero trust is a bit complicated compared to other parts of the solution."
"The product needs to have a lot more maturity, and they need to improve the overall technical support framework for getting the value out of XDR."
"They are planning on adding the Security Playbooks as a complete feature. In the preview mode, it is available; however, it is not released."
"The deployment process could be more streamlined over the existing infrastructure, as it was not as easy as we thought."
"We do use the automation capability a little. However, we noticed some limitations, especially on the playbook side."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cortex XDR by Palo Alto Networks is ranked 4th in Extended Detection and Response (XDR) with 80 reviews while Trend Vision One is ranked 6th in Extended Detection and Response (XDR) with 43 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Trend Vision One is rated 8.6. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Fortinet FortiClient, whereas Trend Vision One is most compared with CrowdStrike Falcon, Trend Vision One Endpoint Security, SentinelOne Singularity Complete, Microsoft Defender for Endpoint and Fortinet FortiEDR. See our Cortex XDR by Palo Alto Networks vs. Trend Vision One report.
See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.