We performed a comparison between Cortex XDR by Palo Alto Networks and Cisco SecureX based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cortex XDR presents an intuitive interface, advanced identification of risks, expandability, and compatibility with various other solutions. Cisco SecureX earns high marks for its automated utilities, comprehensive visibility, and seamless integration with external resources. Meanwhile, Cortex XDR could use enhancements in hard disk encryption, security integration, and customer education. Users say Cisco SecureX needs better documentation and integration with on-premises systems. It would also benefit by expanding its compatibility with third-party solutions.
Service and Support: Some customers were impressed with Palo Alto’s support, while others reported mixed experiences. Some users describe Cisco support as dependable and efficient, while others noted a decline in quality due to personnel changes.
Ease of Deployment: Some users thought Cortex XDR’s deployment was fast and straightforward, while others consider it to be a complex and time-consuming task that requires thorough planning. Setting up Cisco SecureX is generally considered to be straightforward in cloud environments, but it requires more effort to integrate the solution with on-premise products.
Pricing: Some reviewers said Cortex XDR is expensive, but others said it was reasonable for the robust feature set Cortex offers. A few users said Cisco SecureX’s price could be lower, given that it is included for free with certain Cisco products.
ROI: Cortex XDR creates value by ensuring system and data security rather than a financial return on investment. Cisco SecureX provides a positive ROI by speeding up detection and resolution. It also decreases workloads through automation and proactive information gathering.
Comparison Results: Our users prefer Cortex XDR over Cisco SecureX. Cortex XDR stands out for its comprehensive platform and valuable features. Users praised its ease of use, threat identification capabilities, and minimal hardware resource consumption.
"The threat intelligence is excellent."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"The visibility into threats is also very impressive because Microsoft helps you predict things and provides analytics to help you really improve your security. And all of this technology works across the domain, so it is pretty helpful in terms of threat analytics."
"Defender XDR has a feature called the timeline that lets you track all activities. It helps a lot with investigations."
"The Endpoint Manager is incredible; it has a very straightforward interface and is exceedingly easy to use. Pulling out and deploying different tags or resources is a simple task across various departments with different levels of security. The notifications are also simple and satisfying; it's great to see the bubble informing us which devices are compliant and which are waiting to update."
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"The most valuable feature is the network security."
"I like how Microsoft XDR and the other Microsoft products are integrated into a single unified security stack covering identity access management, endpoint protection, email, cloud applications, etc."
"The ability to create firewalls online has been most valuable including the ability to create rules."
"One of the most valuable features is the simplicity of deploying SecureX. It's very easy to do that and then you gain very detailed visibility into everything that's going on in your network and, obviously, at the device level. There's just a wealth of information that you can pull from all of these products that are part of SecureX. You know exactly if you have an issue or not."
"The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever."
"I like that I don't have to jump around to five different products and log into five different places to view the data that it returns."
"SecureX enables us to have all the threat intelligence and threat event data in one place."
"The most valuable feature is its ability to manage all the applications and visibility. For example, if there is malware, spam, or another component that wants to attack the company in my servers, network, or applications, then SecureX will react to the problem."
"The most beneficial feature of Cisco SecureX for cybersecurity efforts is its integration with other Cisco solutions and the environment. This sets it apart, as its APIs and overall integration capabilities are very strong. Additionally, its detection capabilities are commendable."
"Integrates well with our existing security infrastructure."
"The product has an intuitive dashboard."
"The interface is easy to use and it is more up to date than our previous solution."
"The solution allows us to make investigations. Other XDR solutions also provide similar capabilities but for investigation, Cortex XDR is better."
"The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind."
"The one feature of Palo Alto Networks Traps that our organization finds most valuable is the App ID service."
"The stability of the solution is very good. We have about 100 users on it right now, and we use it twice a week."
"The live terminal is probably the best thing ever. It gives you the access to get straight onto any machine."
"Its ability to react to cyber data attacks is awesome. That is pretty much the use of it. What blows your mind is the ability to access your assets remotely and see what is actually going on with them. You can not only see them in a console. You can also react very rapidly to your assets that are compromised."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"The only issue I've had is, when it comes to deployment, the steps I must take around policy setup. That is challenging."
"While the XDR platform offers valuable functionalities, it falls short of other solutions in its ability to deliver a cohesive identity experience."
"Defender XDR could provide recommendations for threat-hunting queries. Some people do not know how to write an advanced threat query, so we need to spend time training them."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"When discussing the secure score, which includes overviews and recommended actions, some of these recommended actions are not applicable to us, particularly those related to Microsoft Internet Explorer, which we do not use in any of our environments."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"The solution does not offer a unified response and standard data."
"They could put in more third-party [integrations]... also more playbooks, out-of-the-box, for automation [would be helpful]."
"For us, the biggest sticking point is that the product is not being designed for multi-tenancy use at present, from an MSP perspective."
"One of the improvements the product needs is more integration with collaboration platforms."
"The front-end work controls the new algorithm and the firewall rules. The search feature of these rules could be improved."
"The playbooks provided with the product are great, although I would appreciate having more playbooks available. Threats are constantly evolving, so having access to updated playbooks is crucial."
"The automation and orchestration could be simpler. It could be that all the other parts are that easy to use so that these stick out as a negative, but that's the trickiest part for us. The workflows within the orchestration are just a bit more difficult."
"Remediation stuff could be integrated into the product's automation."
"what's missing right now is the multi-tenant capability."
"The dashboard is the area that needs to improve so that we can have the ability to drill down without having to go elsewhere to verify results."
"The playbooks could be improved to include more functionalities or actions."
"It is not very strong in terms of endpoint management. It should have additional features like DLP, encryption, or advanced device control. Currently, Cortex is good in terms of the security of the endpoints, but it is not as good as other vendors in terms of the management of the endpoint."
"There are some default policies which sometimes affect our applications and cause them to run around. In the hotel industry, we use a different type of data versus Oracle and SQL. By default, there are some policies which stop us from running properly. Because of this, the support level is also not that strong. We have to wait to get a results."
"Every 30 or 40 days, there's a new version and we need to go and make sure our customer's laptops are upgraded."
"When it comes to core analysis, and security analysis, Cortex needs to provide more information."
"Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and its nothing that should be an issue. Some antivirus engines recognize Traps as an threat component, so maybe they need to shake hands somewhere."
"Being able to filter the events to see those that are related to the actual alert would save time spent by the engineer."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cisco SecureX is ranked 13th in Extended Detection and Response (XDR) with 13 reviews while Cortex XDR by Palo Alto Networks is ranked 4th in Extended Detection and Response (XDR) with 80 reviews. Cisco SecureX is rated 9.0, while Cortex XDR by Palo Alto Networks is rated 8.4. The top reviewer of Cisco SecureX writes "Gives our customers visibility and they don't have to go multiple management consoles anymore". On the other hand, the top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". Cisco SecureX is most compared with Trend Vision One, Splunk SOAR, Cisco Secure Network Analytics, Wazuh and Fortinet FortiSOAR, whereas Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, Darktrace, CrowdStrike Falcon, Symantec Endpoint Security and Fortinet FortiEDR. See our Cisco SecureX vs. Cortex XDR by Palo Alto Networks report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
