We performed a comparison between Cortex XDR by Palo Alto Networks and Trend Micro XDR based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cortex XDR presents an intuitive interface, advanced identification of risks, expandability, and compatibility with various other solutions. Meanwhile, Cortex XDR could use enhancements in hard disk encryption, security integration, and customer education. Trend Micro XDR is commended for its holistic approach to prevention, real-time visualization, and ability to prioritize network-based detection and response. Trend Micro XDR should improve integration, overhaul its web interface, and strengthen its business relationships.
Service and Support: Some customers were impressed with Palo Alto's support, while others reported mixed experiences. Some customers have found Trend Micro’s customer service to be helpful and responsive, while others have encountered challenges with technical support in complex situations.
Ease of Deployment: Some users thought Cortex XDR’s deployment was fast and straightforward, while others considered it to be a complex and time-consuming task that requires thorough planning. The initial setup of Trend Micro XDR is straightforward and fast, but it may require the involvement of several technical professionals.
Pricing: Some reviewers said Cortex XDR is expensive, but others said it was reasonable for the robust feature set Cortex offers. Some reviews noted that Trend Micro XDR might be too costly for small organizations, but others found the price reasonable.
ROI: Cortex XDR creates value by ensuring system and data security rather than a financial return on investment. Trend Micro XDR delivers value through automation. Its efficient alerts ensure timely threat detection and prevention.
Comparison Results: Our users prefer Cortex XDR over Trend Micro XDR. Cortex XDR offers a robust and user-friendly platform with advanced features like threat identification and detection and seamless integration with other solutions. Users appreciate the simplicity and efficiency of its installation process. Trend Micro XDR falls short in terms of integration capabilities and receives mixed reviews regarding technical support.
"Advanced hunting is good. I like that. We can drill down to lots of details."
"The most valuable feature is the network security."
"Defender is easy to use. It has a nice console, and everything is all in one place."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"We can use Defender to block and monitor for security purposes without needing multiple other products to do different tasks."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"The ability to integrate and observe a more cohesive narrative across the products is crucial."
"We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us."
"It's a nice product that's stable and scalable."
"One of the main benefits of the solution is its intelligence to correlate the events into an incident."
"It'll not slow down your system when compared to others."
"Its interface and pricing are most valuable. It is better than other vendors in terms of security."
"It blocks malicious files. It prevents attacks. It doesn't require many updates, it's a very light application."
"The most valuable feature is that you can select remote access of any machine for sandboxing."
"From a single pane of glass, you can easily manage all of your endpoints."
"Its detection rate is valuable. It is really an easy product to install and manage. It is quite effective at what it does, and if needed, it can also be co-managed, which means 24 hours and seven days a week monitoring through a SOC."
"I like Vision One's observed attack techniques feature. It lets you see what an attacker is doing, how they have tried to exploit a machine, or how malicious code is operating. It helps us discover indicators of compromise so we can write better rules for detection."
"The integration is also nice because there are many external tools that we can connect to the platform, such as configuration management tools. Because the platform is integrated, I can manage almost the whole company across our global organization."
"We haven't had any issues with configurations or customizations."
"I like Vision One's workbench. It provides helpful logs that I can search, and the telemetry is excellent because I can see what's happening during an attack or potential attack."
"I appreciate the value of real-time activity monitoring."
"I can prevent my environment from different types of attacks based on what I see in the Vision One console."
"I like the workbench. It is a view of all the alerts or problems in your estate. The visibility that it provides to engineers is very useful. It is one thing having lots of alerts. It is another thing to have something to correlate all your alerts into a workbench for you so that you can see what is going on."
"The capability to not only thwart attacks but also to adapt to evolving threats is crucial."
"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"I would like more of the features in Defender for 365 to be included in the smaller licenses. Even if I buy a small license and don't need everything, security shouldn't be a question. Security is one of the main aspects of all projects from our side, so it would be nice to have more features in the smaller licenses."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"The price could be better. It'll also help if they can continuously update and upgrade the solution. Every day there's a new virus uploaded into the network, and we have to keep updating it to identify all these things."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"The data recovery and backup could be improved."
"The management features could be improved, particularly in terms of better integration with Intune, Microsoft's cloud-based management solution."
"It should support more mobile operating systems. That is one of the cons of their infrastructure right now."
"It's very time-consuming to log support issues and the people that answer the tickets aren't very knowledgeable."
"We would also like to have advanced tech protection and email scanning."
"The price could be a little lower."
"The solution needs better reports. I think they should let the customer go in and customize the reports."
"There's an overall lack of features."
"Cortex XDR is trickier to configure than other Palo Alto products. This is one area where we are not so satisfied."
"They have the worst support, as a company, that I have ever worked with, as they are difficult to get a hold of and keep on the phone. They don't know what they are talking about when you get them on the phone. They don't like to respond to messages when you send them to them. They like to 'research problems' for weeks on end, then pass you off to somebody else."
"The solution lacks compatibility with other products. It needs to integrate better with other surrounding solutions."
"The solution only supports Windows and Mac. It would be helpful if it could support other OS, such as Linux."
"The support has been delayed at times."
"The area for improvement is mobile security. We have just finished a proof of concept for Zero Trust Secure Access. We withdrew from this PoC because it does not have that many points for proxy across Europe. Our organization is across Europe... At this time, they are only located in Germany and the UK."
"They have a DLP module in Trend Micro and they need to enhance its capabilities."
"Reporting could be a little bit better. They are working on it, and it is getting better."
"Having more variables within the playbook would be useful. It would allow us to have more refined playbooks for the business. It would allow us to take stronger action through a playbook. It will give us confidence to target a particular area of business where our risk tolerance might be higher or lower. We would like to have more granular playbooks."
"While blocking an IP address restricts access for 30 days, it eventually becomes accessible again."
Cortex XDR by Palo Alto Networks is ranked 4th in Extended Detection and Response (XDR) with 80 reviews while Trend Vision One is ranked 6th in Extended Detection and Response (XDR) with 43 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Trend Vision One is rated 8.6. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of Trend Vision One writes "The integration of toolsets is key, enabling automation, and vendor has been tremendous partner for us". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Fortinet FortiClient, whereas Trend Vision One is most compared with CrowdStrike Falcon, Trend Vision One Endpoint Security, SentinelOne Singularity Complete, Microsoft Defender for Endpoint and Fortinet FortiEDR.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.