We performed a comparison between Cortex XDR by Palo Alto Networks and Trend Micro XDR based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cortex XDR presents an intuitive interface, advanced identification of risks, expandability, and compatibility with various other solutions. Meanwhile, Cortex XDR could use enhancements in hard disk encryption, security integration, and customer education. Trend Micro XDR is commended for its holistic approach to preventing, real-time visualization, and ability to prioritize network-based detection and response. Trend Micro XDR should improve integration, overhaul its web interface, and strengthen its business relationships.
Service and Support: Some customers were impressed with Palo Alto's support, while others reported mixed experiences. Some customers have found Trend Micro’s customer service to be helpful and responsive, while others have encountered challenges with technical support in complex situations.
Ease of Deployment: Some users thought Cortex XDR’s deployment was fast and straightforward, while others consider it to be a complex and time-consuming task that requires thorough planning. The initial setup of Trend Micro XDR is straightforward and fast, but it may require the involvement of several technical professionals.
Pricing: Some reviewers said Cortex XDR is expensive, but others said it was reasonable for the robust feature set Cortex offers. Some reviews noted that Trend Micro XDR might be too costly for small organizations, but others found the price reasonable.
ROI: Cortex XDR creates value by ensuring system and data security rather than a financial return on investment. Trend Micro XDR delivers value through automation. Its efficient alerts ensure timely threat detection and prevention.
Comparison Results: Our users prefer Cortex XDR over Trend Micro XDR. Cortex XDR offers a robust and user-friendly platform with advanced features like threat identification and detection and seamless integration with other solutions. Users appreciate the simplicity and efficiency of its installation process. Trend Micro XDR falls short in terms of integration capabilities and receives mixed reviews regarding technical support.
"It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints."
"The EDR and the way it automatically responds to ransomware and other attacks are valuable features."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"I like the easy integration and advanced possibilities. We can implement it at customer sites in a few clicks, but we can also dive deep and drill down to extended features. There's a very good starting point to get into this product and all the features from Defender."
"I like Defender XDR's automation capabilities. XDR isn't automated by default, but you can automate it to respond. If an attack is performed anywhere within the organization, you can isolate that instance from the network. This is what I can figure out for it. When integrated with Sentinel, you can set up playbooks to automate all the alerts gathered on Sentinel from different Microsoft solutions. Sentinel has a wider range of capabilities than XDR."
"The summarization of emails is a valuable feature."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"The solution allows us to make investigations. Other XDR solutions also provide similar capabilities but for investigation, Cortex XDR is better."
"We've had a significant increase in blocking with a decrease in false positives, because it's looking at how the files work, not just a list of files that it's been told to look for."
"The most valuable for us is the correlation feature."
"The solution's most valuable feature is its ability to rapidly detect certain hardware files."
"One thing that I like about Cortex XDR by Palo Alto Networks, it is detecting all the suspicious or malicious binaries, and it has integration with Palo Alto Firewall."
"I've found the solution to be highly scalable for enterprises."
"It's a nice product that's stable and scalable."
"Cortex XDR by Palo Alto Networks should be a stable solution."
"One of the features I like in Trend Micro XDR is that you can drill down on the root-cause analysis for anything you find on the solution. I also like that it works for detection purposes. Behavior analytics is also what I like most about Trend Micro XDR. I love that it has features such as behavior detection, program detection, and memory scanning. By default, the solution protects against spyware, apart from the normal virus scan. Smart Scan and DLP are also available in Trend Micro XDR which I like as well."
"We can scale the product as needed."
"Trend Micro XDR is a comprehensive solution that is not overly complex to use or manage."
"We had previously deployed on-premises, and all we had to do was access the designated console and click a button to migrate all on-premises agents to cloud agents."
"Scaling is not a problem at all."
"The solution is stable."
"The telemetric report is the most valuable feature."
"We are very impressed with the single pane of glass visibility that Trend Micro XDR provides."
"There could be a way to proactively monitor unusual activity ."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"The documentation on their website is somewhat outdated and doesn't show properly. I wanted to try a query in Microsoft Defender 365. When I opened the related documentation from the security blog on the Microsoft website, the figures were not showing. It was difficult to understand the article without having the figures. The figures were there in the article, but they were not getting loaded, which made the article obsolete."
"I'd like to see a wider solution that includes not only desktop devices but also other devices, such as servers, storage cabinets, switching equipment, et cetera."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"The onboarding and offboarding need improvement. I work with other vendors as well, and they have an option to add a device or remove a device from the portal, whereas with Microsoft 365 Defender, we need to do that manually. However, once you do that, everything can be controlled through the portal, but getting the device onboarded and offboarded is currently manual. If we have an option to simply remove a device from the portal or get a device added from the portal, it would be more convenient. The rest of the features are similar. This is the only area where I found it different from others. I would also like to be able to simply filter with a few of the queries that are already there."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"The solution can never really be an on-premises solution based simply on the way it is set up. It needs metadata to run and improve. Having an on-premises solution would cut it off from making improvements."
"We would also like to have advanced tech protection and email scanning."
"I would like to see better protection, specifically to protect email applications."
"Cortex does not offer an on-premises solution. However, some customers would prefer not to be on the cloud. It would be ideal if it could offer something on-prem as well."
"It's more focused on network communication. If a customer wants to increase the level of protection and start working with documents, it's impossible to integrate these features into the system. It's more of a communication-oriented system than a content security-oriented system."
"Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and its nothing that should be an issue. Some antivirus engines recognize Traps as an threat component, so maybe they need to shake hands somewhere."
"There are some default policies which sometimes affect our applications and cause them to run around. In the hotel industry, we use a different type of data versus Oracle and SQL. By default, there are some policies which stop us from running properly. Because of this, the support level is also not that strong. We have to wait to get a results."
"In terms of areas of improvement, we have not completed our review of the product. We're also looking at other products. So, it's a little bit hard to tell what could be different because we have not completed the review of this product, but based on our experience so far, its implementation is quite complex."
"The support has been delayed at times."
"It would be better if it were more user-friendly. It would also be better if the implementation were more straightforward."
"Also, XDR should improve its coverage of the latest IOCs. Their suspicious object management works, but the coverage should be improved. It will take one or two months to get those things covered. XDR will detect on a behavioral basis, but these databases will not get updated daily like some other solutions. If you're dealing with new ransomware or malware, it may take around a month before it's covered by Trend Micro."
"While blocking an IP address restricts access for 30 days, it eventually becomes accessible again."
"The solution only supports Windows and Mac. It would be helpful if it could support other OS, such as Linux."
"The price could be lower."
"While the continuous addition of features is commendable, the sheer volume of changes makes it difficult to stay abreast of the latest developments."
"It should integrate with more tools. There are a lot of tools that can do the PTP dump."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cortex XDR by Palo Alto Networks is ranked 4th in Extended Detection and Response (XDR) with 80 reviews while Trend Vision One is ranked 6th in Extended Detection and Response (XDR) with 43 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Trend Vision One is rated 8.6. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Trellix Endpoint Security, whereas Trend Vision One is most compared with CrowdStrike Falcon, Trend Micro Apex One, SentinelOne Singularity Complete, Microsoft Defender for Endpoint and Fortinet FortiEDR. See our Cortex XDR by Palo Alto Networks vs. Trend Vision One report.
See our list of best Extended Detection and Response (XDR) vendors and best Endpoint Detection and Response (EDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.