We performed a comparison between Palo Alto Networks Cortex XSOAR and ThreatConnect Threat Intelligence Platform (TIP) based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The UI-based analytics are excellent."
"We can use Sentinel's playbook to block threats. It covers all of the environment, giving us great visibility."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"Its inbuilt Kusto Query Language is a valuable feature. It provides the flexibility needed to leverage advanced data analytics rules and policies and enables us to easily navigate all our security events in a single view. It helps any user easily understand the data or any security lags in their data and applications."
"Sentinel has features that have helped improve our security poster. It helped us in going ahead and identifying the gaps via analysis and focusing on the key elements."
"We’ve got process improvement that's happened across multiple different fronts within the organization, within our IT organization based on this tool being in place."
"While Microsoft Sentinel provides a log of security events, its true power lies in its integration with Microsoft Defender."
"The product’s stability is good."
"The solution is very reliable."
"The automation part and the playbook creation part are awesome. The way it is responding to the customers and incidents is also very good. In the SOC environment, I guess it will carry out around 50% of the work."
"What I like most about Palo Alto Networks Cortex XSOAR is how user-friendly it is for development. It is much simpler to work with compared to similar tools I've used."
"The pricing is very good."
"I am satisfied with the product overall."
"From the security team's standpoint, the solution has improved our organization's overall cybersecurity."
"The solution is user-friendly and easy to configure."
"It's a solid platform and is stable enough. It is not complicated and is easy to use."
"The most valuable features are ease of use and the ability to customize it."
"ThreatConnect has a highly user-friendly interface."
"The product automatically generated a threat score based on the maliciousness of an IP."
More ThreatConnect Threat Intelligence Platform (TIP) Pros →
"The only thing is sometimes you can have a false positive."
"One key area that can be improved is by building a strong integration with our XDR platform."
"The troubleshooting has room for improvement."
"I would like to see more AI used in processes."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"The playbook is a bit difficult and could be improved."
"I would like Sentinel to have more out-of-the-box analytics rules. There are already more than 400 rules, but they could add more industry-specific ones. For example, you could have sets of out-of-the-box rules for banking, financial sector, insurance, automotive, etc., so it's easier for people to use it out of the box. Structuring the rules according to industry might help us."
"The playbook development environment is not as rich as it should be. There are multiple occasions when we face problems while creating the playbook."
"Palo Alto Networks Cortex XSOAR could improve the Panorama feature. We had to turn it off because it was not working properly."
"For building automation, there is not a lot of good documentation. The documentation is there, but it is not very good from my perspective. There should be an improvement in this area. I don't see issues with anything else. In terms of new features, I have heard that other products have EBA functionality. It would be good if this functionality could be added."
"The integration could be better. Cortex, for example, does not work with iPhone."
"They should provide integration with machine learning platforms."
"The solution's technical support could be better."
"The solution's correlation rules and playbooks should be improved."
"The price of the solution could be improved."
"I think they should increase their collaboration base."
"I couldn’t get any training videos online when I was working with the tool."
"Integration is an area that could use some improvement."
"They should make it a little bit easier to generate events and share them with the community"
"It would be good to have more feeds and more integrated sources for enrichment."
More ThreatConnect Threat Intelligence Platform (TIP) Cons →
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →
More ThreatConnect Threat Intelligence Platform (TIP) Pricing and Cost Advice →
Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 42 reviews while ThreatConnect Threat Intelligence Platform (TIP) is ranked 19th in Security Orchestration Automation and Response (SOAR) with 4 reviews. Palo Alto Networks Cortex XSOAR is rated 8.4, while ThreatConnect Threat Intelligence Platform (TIP) is rated 8.0. The top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". On the other hand, the top reviewer of ThreatConnect Threat Intelligence Platform (TIP) writes "The tool could be integrated into any environment, but it was expensive, and the deployment process was complex". Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Fortinet FortiSOAR, Swimlane and Exabeam Fusion SIEM, whereas ThreatConnect Threat Intelligence Platform (TIP) is most compared with Anomali ThreatStream, Recorded Future, ThreatQ, Anomali Match and Splunk SOAR. See our Palo Alto Networks Cortex XSOAR vs. ThreatConnect Threat Intelligence Platform (TIP) report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.