Cortex XDR by Palo Alto Networks Review

Improves our endpoint security posture in both performance (no scanning) and protection (NG AI/ML)

What is our primary use case?

We use Palo Alto Networks Traps (Version 6) to protect our endpoints against NG malware via behavior analysis, artificial intelligence and machine learning. The PA Traps endpoint logs, our PA firewall traffic logs and the WildFire sandbox are all used to provide immediate threat response and feed this information to the PA Threat Intelligence cloud.

How has it helped my organization?

Palo Alto Networks Traps improves our security posture and lowers risk by providing next-gen methods to combat modern threats on all the major platforms.

What is most valuable?

The one feature that our organization finds most valuable is being able to control the USB ports on the endpoints.

What needs improvement?

The Mac agent is not as robust feature-wise as the PC version. I need to control USB ports on Mac laptops and cannot. This is a MUST, so I opened a case with Palo Alto and requested this feature for an upcoming update.

I would like to see more automation and self-healing for incidents that can be easily classified as malware.

For how long have I used the solution?

Less than one year.

What do I think about the stability of the solution?

No issues

What do I think about the scalability of the solution?

Palo Alto Networks Traps features excellent protection, cost and scalability. We are a small group of 4 employees and have 2 people dedicated to deployment and monitoring of 1400+ endpoints.

How are customer service and technical support?

Palo Alto Networks' technical support is excellent.

Which solution did I use previously and why did I switch?

Since we were a Fortinet shop, we previously used the FortiClient endpoint agent. We switched to Palo Alto FWs and endpoint protection because it is a more mature product with advanced next-gen capabilities not available from the Fortinet solution.

How was the initial setup?

The initial setup was done by a Palo Alto certified service provider.

What was our ROI?

This product pays for itself with only one ransomware denial!

What's my experience with pricing, setup cost, and licensing?

Our license runs on a monthly basis with a recurring monthly charge. If you want additional options like secure remote access with policies, that requires an additional cost. 

Palo Alto Networks Traps does not apply secure remote access to devices without policies, which we are implementing. If you want to apply more policies, like an anti-virus program, anti-malware, or configurations for using a VPN on remote connections, that would also be an additional cost. We're not doing that.

Which other solutions did I evaluate?

Cylance, Carbon Black, CrowdStrike, Microsoft Windows Defender ATP, Sophos, SentinelOne

What other advice do I have?

On a scale from 1-10, I would rate Palo Alto Networks Traps an eight. It is great, but I have some issues with the cost of the product license.

Which version of this solution are you currently using?

Disclosure: I am a real user, and this review is based on my own experience and opinions.