We performed a comparison between Cortex XDR by Palo Alto Networks and Mandiant Advantage based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"Microsoft Defender's most critical component is its CASB solution. It has many built-in policies that can improve your organization's cloud security posture. It's effective regardless of where your users are, which is critical because most users are working from home. It's cloud-based, so nothing is on-premise."
"The unified view of the threat landscape on a central dashboard is the most valuable feature."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"Microsoft 365 Defender is simple to upgrade."
"All of the security components are valuable including, antiphishing, antispam, and stage three antivirus."
"The advantage of Microsoft Defender XDR has over other XDRs in the market is that it's easy to use. You can quickly differentiate between alerts, incidents, devices, software, etc. It's easier to investigate an incident, and you have so many options. You can automate investigations and use playbooks. There's also the live response session, which is something you can't find in any other XDR."
"They did what they said. This solution could apply to any scenario."
"One of the things that I enjoy the most is using policy extensions. It's like having host firewalls to control USB connections. I think it's a wonderful tool to restrict use when connecting to our computers. Another important tool is Home Insights. That is an add-on to the Cortex solution. I like that because we can see all the vulnerabilities in the environment and control what assets are connected to our network."
"The integrations are out-of-the-box, as are the playbooks."
"The most valuable feature of Cortex XDR by Palo Alto Networks is its machine-learning capabilities. Additionally, there is full integration with other solutions."
"Its interface and pricing are most valuable. It is better than other vendors in terms of security."
"I like the centralized console and the predictive analysis it does of malware. It is very stable and also scalable."
"Cortex XDR lets us manage several clients from the same console, and its endpoint defense is more advanced than traditional antivirus."
"Cortex XDR by Palo Alto Networks is easy to use and does not consume a lot of hardware resources."
"The advantage of the solution is being able to go look up threat actors and get a lot of detailed information about different attacks and different tactics and general information about threats."
"It is so valuable to have someone performing these functions outside of our business hours when we don't have staff in the building. We've seen a lot of solid metrics on the amount of malware that it's detecting and resolving. We're pleased with it so far."
"The feature I have found most valuable is directory monitoring. We experienced an instance of threat actors trying to ensure a complex and massive attack against our customer's infrastructure on the forum. That is, they were animating people on a formum. The solution alerted us to this two days ahead of the attack, which gave us plenty of time to prepare for it."
"Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"I personally have not seen much evidence of how Defender can enhance the story of zero trust for enterprises."
"365 Defender has multiple subsets, including Defender for Cloud Apps. When integrating Defender for Cloud Apps with apps on third-party cloud platforms like AWS or GCP, there are limitations on our ability to control user activities. If Microsoft added more control over third-party products, that would be a game-changer and help us quite a lot."
"The abundance of sub-dashboards and sub-areas within the main dashboard can be confusing, even if it all technically makes sense."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"The web filtering solution needs to be improved because currently, it is very simple."
"There's an overall lack of features."
"The GUI could be improved."
"Impact on system performance is horrible, adding a lot of delays for users."
"It's very time-consuming to log support issues and the people that answer the tickets aren't very knowledgeable."
"Cortex XDR by Palo Alto Networks can improve mobile integration to allow access to the console."
"Cortex XDR is trickier to configure than other Palo Alto products. This is one area where we are not so satisfied."
"The setup is quite easy. We had appropriate support from the manager. One thing that was missing was the integration part."
"It would be good to have a better way to search for a file within the UI."
"Mandiant's on-prem client is too processor-intensive, so it's putting a strain on the local device's CPU. When a scan is running on the device, the other processing tasks slow to a crawl. We're still trying to figure out the correct settings for the client."
"They could have better support. Now that they've merged, they are moving towards a portal system, which isn't very helpful."
"I think that the data query that is used for data cloud language should be improved. It's really hard to query actual data from the platform."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cortex XDR by Palo Alto Networks is ranked 4th in Extended Detection and Response (XDR) with 80 reviews while Mandiant Advantage is ranked 20th in Extended Detection and Response (XDR) with 3 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Mandiant Advantage is rated 8.6. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of Mandiant Advantage writes "It gives us peace of mind that issues can be addressed when our core IT team isn't working". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Fortinet FortiEDR, whereas Mandiant Advantage is most compared with CrowdStrike Falcon, Cortex Xpanse, Cymulate, Microsoft Defender External Attack Surface Management and ThreatConnect Threat Intelligence Platform (TIP). See our Cortex XDR by Palo Alto Networks vs. Mandiant Advantage report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.