What is our primary use case?
We use it for our own company as well for our clients. It is mainly used for protecting the endpoints. Like everybody else nowadays, we're all working from home, and we have access to data on the public cloud, private cloud, and on-prem. We got to make sure that we're not exposing our endpoints to anything out there that could be malicious and that could cause any problems within our networking environment.
How has it helped my organization?
It has absolutely improved the way our organization functions. We are more secure. It is giving us more peace of mind, and it is doing what it is doing. It has found malicious activity happening on our endpoints that probably would not have been detected if we didn't have it.
What is most valuable?
The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly.
The way they have done everything and integrated all the solutions that they've purchased over the years to make it a very seamless, effective product is very good. One thing about Palo Alto is that they take the products or services that they purchase and make them seamless for the end user as compared to some companies that purchase other companies and then just kind of have their products off to the side or keep different interfaces. Palo Alto doesn't do that.
What needs improvement?
A little bit more automation would be nice.
For how long have I used the solution?
We've been a reseller for Palo Alto for 13 years. I have been using it for quite a while. They had bought Cyvera for the endpoint security, which was obviously the base for Cortex XDR. I have been seeing how it actually progressed from just a straight endpoint security solution that was a little clunky at one time to a very streamlined, effective solution today.
What do I think about the stability of the solution?
It is stable. I haven't found any issues.
What do I think about the scalability of the solution?
It is extremely easy to scale. We have about 20 users, and their roles stem from sales to technical, marketing, and administrative.
How are customer service and technical support?
Palo Alto has got very good tech support. I would give them a ten out of ten.
Which solution did I use previously and why did I switch?
At one time, I tried Cylance, and it just wasn't that effective for what we needed. At the time, it wasn't really an EDR solution.
How was the initial setup?
The initial setup was very straightforward and easy.
What's my experience with pricing, setup cost, and licensing?
Its pricing is kind of in line with its competitors and everybody else out there.
What other advice do I have?
You don't have to be a Palo Alto customer to implement this solution. Some people think they have to, but no. It is a completely separate solution on its own. I would highly recommend it just because it is a complete package. It not only takes in data from your endpoint; it also takes in data from other sources that are not Palo Alto and helps to create the story about what's going on by stitching things together.
I would rate Cortex XDR a nine out of ten. It is pretty good. The reason for giving a nine is that there is always room for improvement.
Which deployment model are you using for this solution?
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Which version of this solution are you currently using?