We performed a comparison between Cortex XDR by Palo Alto Networks and Microsoft Defender for Cloud based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: The main difference between the two solutions is that Cortex XDR users say the solution is expensive while Microsoft Defender for Cloud users consider the solution to be fairly priced.
"The price is low and quite competitive with others."
"Fortinet is very user-friendly for customers."
"Forensics is a valuable feature of Fortinet FortiEDR."
"The product detects and blocks threats and is more proactive than firewalls."
"It is a scalable solution...The initial setup of Fortinet FortiEDR was straightforward."
"The solution was relatively easy to deploy."
"The main thing is that I feel safe. Because the processes that have been used to get a handle on the attackers are much better than other competitors"
"The setup is pretty simple."
"One thing that I like about Cortex XDR by Palo Alto Networks, it is detecting all the suspicious or malicious binaries, and it has integration with Palo Alto Firewall."
"Stability is a primary factor, and then there's the ease of distribution and policy management."
"Stability is one of the features we like the most."
"The solution's most valuable feature is its ability to rapidly detect certain hardware files."
"The product has an intuitive dashboard."
"They have a new GUI which is just fantastic."
"WildFire AI is the best option for this product."
"We can use Cortex XDR to get the entire graph of the incidents from source to destination, and we can take remedial action."
"Defender lets you orchestrate the roll-out from a single pane. Using the Azure portal, you can roll it out over all the servers covered by the entire subscription."
"One of the features that I like about the solution is it is both a hybrid cloud and also multi-cloud. We never know what company we're going to buy, and therefore we are ready to go. If they have GCP or AWS, we have support for that as well. It offers a single-panel blast across multiple clouds."
"This is a platform as a service provided by Azure. We don't need to install or maintain Azure Security Center. It is a ready-made service available in Azure. This is one of the main things that we like. If you look at similar tools, we have to install, maintain, and update services. Whereas, Azure Security Center manages what we are using. This is a good feature that has helped us a lot."
"Everything is built into Azure, and if we go for cross-cloud development with Azure Arc, we can use most of the features. While it's possible to deploy and convert third-party applications, it is difficult to maintain, whereas Azure deployments to the cloud are always easier. Also, Microsoft is a big company, so they always provide enough support, and we trust the Microsoft brand."
"The security policy is the most valuable feature for us. We can go into the environment settings and attach any globally recognized framework like ISO or any benchmark."
"Defender for Cloud is a plug-and-play solution that provides continuous posture management once enabled."
"The product has given us more insight into potential avenues for attack paths."
"We can create alerts that trigger if there is any malicious activity happening in the workflow and these alerts can be retrieved using the query language."
"The EDR console should have more extensive reporting. You shouldn't need to purchase FortiAnalyzer. It should be included in the EDR part. The security adviser cloud platform could be improved with more options for exclusive or intensive rules for devices."
"The dashboard isn't easy to access and manage."
"The solution should address emerging threats like SQL injection."
"The amount of usage, the number of details we get, or the number of options that can be tweaked is limited in comparison to that with other EDR solutions"
"ZTNA can improve latency."
"Making the portal mobile friendly would be helpful when I am out of office."
"I think cloud security and SASE are areas of concern in the product where improvements are required. The tool's cloud version has to be improved in terms of the security it offers."
"FortiEDR can be improved by providing more detailed reporting."
"It automatically detects security issues. It should be able to protect our network devices while operating autonomously."
"In an upcoming release, the solution could improve by proving hard disk encryption. If it could support this it would be a complete solution."
"Although I would say this product is highly-rated, it could probably do more because nothing does everything that you want."
"The solution should force customers to integrate with network traffic to see the full benefits of XDR."
"The tool needs to be improved in terms of integration and interface."
"We would also like to have advanced tech protection and email scanning."
"Impact on system performance is horrible, adding a lot of delays for users."
"The connection to the internet has not performed as expected."
"Azure Security Center takes a long time to update, compared to the on-premises version of Microsoft Defender."
"Microsoft sources most of their threat intelligence internally, but I think they should open themselves up to bodies that provide feel intelligence to build a better engine. There may be threats out there that they don't report because their team is not doing anything on that and they don't have arrangements with another party that is involved in that research."
"Defender is occasionally unreliable. It isn't 100% efficient in terms of antivirus detection, but it isn't an issue most of the time. It's also somewhat difficult to train new security analysts to use Defender."
"You cannot create custom use cases."
"The solution could improve by being more intuitive and easier to use requiring less technical knowledge."
"The solution is quite complex. A lot of the different policies that actually get applied don't pertain to every client. If you need to have something open for a client application to work, then you get dinged for having a port open or having an older version of TLS available."
"Microsoft can improve the pricing by offering a plan that is more cost-effective for small and medium organizations."
"One of the main challenges that we have been facing with Azure Security Center is the cost. The costs are really a complex calculation, e.g., to calculate the monthly costs. Azure is calculating on an hourly basis for use of the resource. Because of this, we found it really complex to promote what will be our costs for the next couple of months. I think if Azure could reduce the complex calculation and come up with straightforward cost mapping that would be very useful from a product point of view."
Cortex XDR by Palo Alto Networks is ranked 4th in Endpoint Protection Platform (EPP) with 80 reviews while Microsoft Defender for Cloud is ranked 2nd in Cloud Workload Protection Platforms (CWPP) with 46 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides multi-cloud capability, is plug-and-play, and improves our security posture". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and ESET Endpoint Protection Platform, whereas Microsoft Defender for Cloud is most compared with AWS GuardDuty, Prisma Cloud by Palo Alto Networks, Microsoft Defender XDR, Wiz and Check Point CloudGuard CNAPP.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.