We performed a comparison between Palo Alto Networks Cortex XSOAR and ThreatConnect Threat Intelligence Platform (TIP) based on real PeerSpot user reviews.
Find out in this report how the two Security Orchestration Automation and Response (SOAR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."It has a lot of great features."
"Previously, it was a little bit difficult to find where an incident came from, including which IP address and which country. So in Sentinel, it's very easy to find where the incident came from since we can easily get the information from the dashboard, after which we take action quickly."
"I like the unified security console. You can close incidents using Sentinel in all other Microsoft Security portals, when it comes to incident response."
"The most valuable features are its threat handling and detection. It's a powerful tool because it's based on machine learning and on the behavior of malware."
"The UI-based analytics are excellent."
"Sentinel also enables you to ingest data from your entire ecosystem and not just from the Microsoft ecosystem. It can receive data from third-party vendors' products such firewalls, network devices, and antivirus solutions. It's not only a Microsoft solution, it's for everything."
"The ability of all these solutions to work together natively is essential. We have an Azure subscription, including Log Analytics. This feature automatically acts as one of the security baselines and detects recommendations because it also integrates with Defender. We can pull the sysadmin logs from Azure. It's all seamless and native."
"The UI of Sentinel is very good and easy to use, even for beginners."
"It’s easy to install."
"The automation is excellent."
"From the security team's standpoint, the solution has improved our organization's overall cybersecurity."
"We use the solution to automate our SIEM tools and incidents."
"The drag-and-drop interface enables analysts with no programming knowledge to create playbooks easily."
"Cortex XSOAR's most valuable features are the playbooks, custom integration, the machine-learning model, and the layout, classifier, and mapper."
"The solution provides threat intelligence with EDR."
"I have found the solution very useful, it integrates well with other platforms."
"It's a solid platform and is stable enough. It is not complicated and is easy to use."
"ThreatConnect has a highly user-friendly interface."
"The most valuable features are ease of use and the ability to customize it."
"The product automatically generated a threat score based on the maliciousness of an IP."
More ThreatConnect Threat Intelligence Platform (TIP) Pros →
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"One key area that can be improved is by building a strong integration with our XDR platform."
"The solution should allow for a streamlined CI/CD procedure."
"I believe one of the challenges I encountered was the absence of live training sessions, even with the option to pay for them."
"While I appreciate the UI itself and the vast amount of information available on the platform, I'm finding the overall user experience to be frustrating due to frequent disconnections and the requirement to repeatedly re-authenticate."
"The on-prem log sources still require a lot of development."
"The reporting could be more structured."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"XSOAR could have more integration options."
"I would love to see more flexibility on what we can display and design on the dashboards."
"For building automation, there is not a lot of good documentation. The documentation is there, but it is not very good from my perspective. There should be an improvement in this area. I don't see issues with anything else. In terms of new features, I have heard that other products have EBA functionality. It would be good if this functionality could be added."
"The dashboard performance could be improved."
"When Palo Alto bought the solution, the pricing increased by 1.5 times. There's been a 50% increase, which is a lot."
"They should provide integration with machine learning platforms."
"The solution’s price and technical support could be improved."
"The solution is complicated to learn."
"Integration is an area that could use some improvement."
"I couldn’t get any training videos online when I was working with the tool."
"They should make it a little bit easier to generate events and share them with the community"
"It would be good to have more feeds and more integrated sources for enrichment."
More ThreatConnect Threat Intelligence Platform (TIP) Cons →
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →
More ThreatConnect Threat Intelligence Platform (TIP) Pricing and Cost Advice →
Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 42 reviews while ThreatConnect Threat Intelligence Platform (TIP) is ranked 19th in Security Orchestration Automation and Response (SOAR) with 4 reviews. Palo Alto Networks Cortex XSOAR is rated 8.4, while ThreatConnect Threat Intelligence Platform (TIP) is rated 8.0. The top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". On the other hand, the top reviewer of ThreatConnect Threat Intelligence Platform (TIP) writes "The tool could be integrated into any environment, but it was expensive, and the deployment process was complex". Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Fortinet FortiSOAR, Swimlane and Arctic Wolf Managed Detection and Response, whereas ThreatConnect Threat Intelligence Platform (TIP) is most compared with Anomali ThreatStream, Recorded Future, ThreatQ, Anomali Match and Splunk SOAR. See our Palo Alto Networks Cortex XSOAR vs. ThreatConnect Threat Intelligence Platform (TIP) report.
See our list of best Security Orchestration Automation and Response (SOAR) vendors.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.