We performed a comparison between Palo Alto Networks Cortex XSOAR and Swimlane based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such as firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"The pricing of the product is excellent."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"Sentinel is a SIEM and SOAR tool, so its automation is the best feature; we can reduce human interaction, freeing up our human resources."
"The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"The features that stand out are the detection engine and its integration with multiple data sources."
"It's pretty powerful and its performance is pretty good."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"Palo Alto is easy to use."
"We use the solution to automate our SIEM tools and incidents."
"The product can automate security tasks."
"The product is quite easy to use."
"The strengths of Palo Alto Networks Cortex XSOAR stem from the fact that it provides functionalities related to patching and URL blocking...It is a scalable solution."
"It is quite scalable. I would rate it a ten out of ten."
"It’s easy to install."
"Many different playbooks are available and can be customized."
"The technical support from Swimlane is very good."
"It provides us with a single portal for our logs from different solutions."
"The most valuable feature of the solution is the support."
"If you're looking to use canned queries, the interface could be a little more straightforward. It's not immediately intuitive regarding how you use it. You have to take a canned query and paste it into an operational box and then you hit a button... They could improve the ease of deploying these queries."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"The interface could be more user-friendly. It's a small improvement that they could make if they wanted to."
"I can't think of anything other than just getting the name out there. I think a lot of customers don't fully understand the full capabilities of Azure Sentinel yet. It is kind of like when they're first starting to use Azure, it might not be something they first think about. So, they should just kind of get to the point where it is more widely used."
"Sentinel's alerts and notifications are not fully optimized for mobile devices. The overall reporting and the analytics processes for the end user should also be improved. Also, the compatibility and availability of data sources and reports are not always perfect."
"At the network level, there is a limitation in integrating some of the switches or routers with Microsoft Sentinel. Currently, SPAN traffic monitoring is not available in Microsoft Sentinel. I have heard that it is available in Defender for Identity, which is a different product. It would be good if LAN traffic monitoring or SPAN traffic monitoring is available in Microsoft Sentinel. It would add a lot of value. It is available in some of the competitor products in the market."
"Microsoft Sentinel should provide an alternative query language to KQL for users who lack KQL expertise."
"Microsoft should improve Sentinel, considering that from the legacy systems, it cannot collect logs."
"In terms of improvement, it needs to be more modular. It's not. When you're working in layouts and you create specific apps within layouts, there's no portability right now in order to reuse that code across multiple layouts. I can't take a tab and say I want to use this tab on these other layouts. I have to physically go in there and recreate it from scratch, which is maddening."
"The dashboard could be better."
"Implementing this solution requires a lot of involvement from the vendor and it should be made easier for the partners."
"The integration could be better. Cortex, for example, does not work with iPhone."
"Palo Alto Networks Cortex XSOAR could improve the Panorama feature. We had to turn it off because it was not working properly."
"They should provide integration with machine learning platforms."
"It doesn't offer automatic internet reports out of the box."
"The solution’s price and technical support could be improved."
"The stability of the solution has room for improvement."
"The initial setup and deployment are complex."
"We faced a lot of issues with the product’s stability."
Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 42 reviews while Swimlane is ranked 17th in Security Orchestration Automation and Response (SOAR) with 3 reviews. Palo Alto Networks Cortex XSOAR is rated 8.4, while Swimlane is rated 7.6. The top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". On the other hand, the top reviewer of Swimlane writes "Great support, scalable, and easier to code". Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Fortinet FortiSOAR, IBM Resilient and ServiceNow Security Operations, whereas Swimlane is most compared with Splunk SOAR, Tines, Fortinet FortiSOAR, ServiceNow Security Operations and Cyware Fusion and Threat Response.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.