We performed a comparison between Palo Alto Networks Cortex XSOAR and SECDO Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."The AI and ML of Azure Sentinel are valuable. We can use machine learning models at the tenant level and within Office 365 and Microsoft stack. We don't need to depend upon any other connectors. It automatically provisions the native Microsoft products."
"It's pretty powerful and its performance is pretty good."
"I like the ability to run custom KQL queries. I don't know if that feature is specific to Sentinel. As far as I know, they are using technology built into Azure's Log Analytics app. Sentinel integrates with that, and we use this functionality heavily."
"It's easy to use. It's a very good product. It can easily ingest data from anywhere. It has an easily understandable language to perform actions."
"The most valuable features in my experience are the UEBA, LDAP, the threat scheduler, and integration with third-party straight perform like the MISP."
"The analytic rule is the most valuable feature."
"The solution has features that helped improve the security posture of our clients. It provides the ability to correlate a large variety of log sources very cost-effectively, especially for Microsoft sources."
"The Identity Behavior tab furnishes us with the entire history linked to each IP or domain that has either accessed or attempted to access our system."
"From the security team's standpoint, the solution has improved our organization's overall cybersecurity."
"It is a scalable solution. I would rate scalability a ten out of ten."
"It is a scalable solution."
"The most valuable features of Palo Alto Networks Cortex XSOAR are the remote controller from the workstation that can execute commands and isolate the systems outside of the network. Only the system with an internet connection can execute the task because the main console is in the cloud."
"I chose Cortex XSOAR because the client also has Palo Alto firewalls. I can incorporate the data from the Palo Alto firewalls into Cortex and send it into the same data lake to manipulate that data. It lets me manage and monitor the data in one place."
"It has an extensive list of integrations that are available out of the box which makes it easy to start."
"Many different playbooks are available and can be customized."
"The most valuable features of Palo Alto Networks Cortex XSOAR are its overall track record and features that fit our use case."
"The ease of deployment is a valuable feature."
"It basically automates the entire alert investigation process."
"Technical support is great. Palo Alto is extremely helpful and responsive."
"The on-prem log sources still require a lot of development."
"Currently, the watchlist feature is being utilized, and although there have been improvements, it is still not fully optimized."
"The built-in SOAR is not really good out-of-the-box. The SOAR relies on logic apps and you almost need to have some kind of developer background to be able to make these logic apps. Most security people cannot develop anything..."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"Some of the data connectors are outdated, at least the ones that utilize Linux machines for log forwarding. I believe that Microsoft is already working on improving this."
"If I can use Sentinel offline at home and use it on a local network, it would be great. I'm not sure if I can use Sentinel offline versus the tools I have."
"The product can be improved by reducing the cost to use AI machine learning."
"We do see continuous improvement all the time, however, I haven't got a specific feature that is lacking or not well designed."
"Previously, when Demisto was, there was a community edition; we could use it, reinstall it, and customize it. Since Palo Alto took over, it has become more financially oriented. It's business, but they could offer a pro model and a lighter model for different needs."
"I would like to see Cortex become less dependent on Active Directory and group policies to manage the deployment. Maybe I need to update my understanding of how to deploy it, but that's the way I know how to use it."
"The solution should be made a bit cheaper."
"It doesn't offer automatic internet reports out of the box."
"With Palo Alto Networks Cortex XSOAR, managing its setup phase can be a complicated task."
"The platform’s setup procedures could be streamlined compared to one of its competitors."
"The solution's correlation rules and playbooks should be improved."
"When Palo Alto bought the solution, the pricing increased by 1.5 times. There's been a 50% increase, which is a lot."
"Many will try to use this as an out-of-the-box solution, however, it needs to be configured to fit what a company would like to do with it."
"Maybe the notifications setting could use a simpler setting."
"The price should be reduced in order to be more competitive in the market."
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →
Earn 20 points
Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 42 reviews while SECDO Platform is ranked 9th in Security Incident Response. Palo Alto Networks Cortex XSOAR is rated 8.4, while SECDO Platform is rated 9.0. The top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". On the other hand, the top reviewer of SECDO Platform writes "Great documentation, good technical support, and very in-depth". Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Fortinet FortiSOAR, Swimlane and ServiceNow Security Operations, whereas SECDO Platform is most compared with Fortinet FortiSOAR.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.