We performed a comparison between Cisco Secure Endpoint and Cortex XDR by Palo Alto Networks based on real PeerSpot user reviews.
Find out in this report how the two Endpoint Protection Platform (EPP) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"Forensics is a valuable feature of Fortinet FortiEDR."
"The most valuable feature is the analysis, because of the beta structure."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Fortinet FortiEDR's scalability is quite good, and you can add licenses to the solution."
"It is stable and scalable."
"The stability is very good."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"There are no issues or drops in the solution's performance...The solution's technical support was helpful."
"Cisco has definitely improved our organization a lot. In terms of business, our company feels safer. We actually switched from legacy signature-based solutions to threat intelligence-based and machine learning-based solutions, which is Cisco Secure. This has improved our security significantly, from 10% of signature-based technology security to 99.9% of the current one which we are running. We were happy."
"Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."
"I am really satisfied with the technical support."
"It doesn't impact the devices. It is an agent-based solution, and we see no performance knock on cell phones. That was a big thing for us, especially in the mobile world. We don't see battery degradation like you do with other solutions which really drain the battery, as they're constantly doing things. That can shorten the useful life of a device."
"The most valuable feature is its threat protection and data privacy, including its cyber attack and data protection, as we need to cover and protect data on user devices."
"It's quite simple, and the advantage I see is that I get the trajectory of what happened inside the network, how a file has been transmitted to the workstation, and which files have got corrupted."
"The product's initial setup phase was very simple."
"The solution is a new generation XDR that has a lot of artificial intelligence modules."
"Palo Alto is constantly adding new features."
"The information the dashboard provides is very clear."
"The initial setup isn't too bad."
"One thing that I like about Cortex XDR by Palo Alto Networks, it is detecting all the suspicious or malicious binaries, and it has integration with Palo Alto Firewall."
"It blocks malicious files. It prevents attacks. It doesn't require many updates, it's a very light application."
"Cortex XDR is a very capable solution for protecting large networks and a lot of endpoints. It's very useful because the automation is very high, and if you combine it with the features on Palo Alto firewalls, it provides very strong protection."
"WildFire AI is the best option for this product."
"Detections could be improved."
"The SIEM could be improved."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The security should be strong for the cloud. Some applications are on-prem and some are on the cloud. Fortinet should also have strong security for the cloud. There should be more security for the cloud."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"Once, we had an event that was locked and blocked, but information about it came to us two or three days later."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"...the greatest value of all, would be to make the security into a single pane of glass. Whilst these products are largely integrated from a Talos perspective, they're not integrated from a portal perspective. For example, we have to look at an Umbrella portal and a separate AMP portal. We also have to look at a separate portal for the firewalls. If I could wave a magic wand and have one thing, I would put all the Cisco products into one, simple management portal."
"On the firewall level, they were lagging a little bit behind, but they are running up again. I have full trust in the new 3000 series of firewalls where we would also be able to look more into the traffic that we're monitoring and get more security layers in our services. That would definitely be a big step."
"We have had some problems with updates not playing nice with our environment. This is important, because if there is a new version, we need to test it thoroughly before it goes into production. We cannot just say, "There's a new version. It's not going to give us any problems." With the complexity of the solution using multiple engines for multiple tasks, it can sometimes cause performance issues on our endpoints. Therefore, we need to test it before we deploy. That takes one to three days before we can be certain that the new version plays nice with our environment."
"The product does not provide options like tunnel creation or virtual appliances."
"The technical support is very slow."
"It is not very stable because we have new versions four times a year, which fixes bugs. We had some problems with some deployments."
"In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through."
"They could improve the main dashboard to more clearly show me the things that I want to see. When I open the dashboard right now, I see a million things and they are not always the things that I need."
"There are some default policies which sometimes affect our applications and cause them to run around. In the hotel industry, we use a different type of data versus Oracle and SQL. By default, there are some policies which stop us from running properly. Because of this, the support level is also not that strong. We have to wait to get a results."
"It would be better if they could educate the customers more. Some sort of seminars and roadshows will help educate the customers and show what the product can do. The price could be better. It would also help if they had a team for deployment and support."
"It'll help if customization was easier."
"The solution should force customers to integrate with network traffic to see the full benefits of XDR."
"It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue."
"I would like to see better protection, specifically to protect email applications."
"Previously, the endpoint would leave the environment, not being on our VPN, essentially unable to interact with the server to upload files. It was unable to retrieve new file verdicts. It was using a thing called "local analysis" to determine if something was a malicious file or not. There was no dynamic analysis."
"Data privacy is a matter of concern. You have to be careful with data privacy, it can be sensitive and Cortex can have most of your access."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cisco Secure Endpoint is ranked 9th in Endpoint Protection Platform (EPP) with 44 reviews while Cortex XDR by Palo Alto Networks is ranked 4th in Endpoint Protection Platform (EPP) with 80 reviews. Cisco Secure Endpoint is rated 8.6, while Cortex XDR by Palo Alto Networks is rated 8.4. The top reviewer of Cisco Secure Endpoint writes "Single dashboard management, quick infrastructure threat detection, and high level support". On the other hand, the top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". Cisco Secure Endpoint is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Check Point Harmony Endpoint, VMware Carbon Black Endpoint and Cisco Umbrella, whereas Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Wazuh. See our Cisco Secure Endpoint vs. Cortex XDR by Palo Alto Networks report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.