Most Helpful Review
Strong IDS solution, easy deployment, coverage across multiple platforms with at-a-glance dashboard and many more...
Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. Microsoft Defender for Endpoint and other solutions. Updated: January 2021.
455,108 professionals have used our research since 2012.
We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
"Its most valuable features are its scalability and advanced threat protection for customers."
"I am told that we get over 100 million emails a month. This filters them down and allows only somewhere about three million emails, which is a great help."
"For the initial first level of support, we provide it from our side. If there's escalation required, we use Cisco tech for the AMP. And again, they are perfect. I mean, one of the best, compared to any other vendors."
"The most valuable features of this solution are the IPS and the integration with ISE."
"The simplicity of use is its most valuable feature. You can very clearly see things."
"The stability of the solution is perfect. I believe it's the most stable solution on the market right now."
"I am really satisfied with the technical support."
"It is a very stable program."
"The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind."
"If the user leaves our premises or network, Palo Alto Traps will still be on that endpoint and will still apply our policies."
"After deploying Traps, we saw the performance of the network improve by 65 to 70 percent."
"Traps is quite a stable product. Once it was properly deployed and configured, you have nothing to be worried about."
"The most valuable features are the fact that it was running in the background and it would intercept any weird stuff, and the fact that it would send things directly to the cloud for sandboxing. It's quite practical."
"It blocks malicious files. It prevents attacks. It doesn't require many updates, it's a very light application."
"We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us."
"It's very stable. I've never experienced downtime for the ASM console or ASM core."
"The patch management is very easy, as it can be done automatically or added to a schedule."
"Provides good vulnerability assessment."
"It shows us the risky sign-ins, and if a user's password has been compromised."
"What I like most is the protection against phishing emails and anti-spam."
"It integrates very well with all Windows workstations or other Microsoft Endpoint products. It also works quite well. So far, I have not had any issue that hasn't been sorted out. It doesn't use too many resources, so you don't have to install different things."
"Its simplicity is the most valuable. It also has very good integration. We like it."
"We would like to have an API integration with a SIEM solution, because as far as I know, it currently hasn't yet been released."
"I would like them to add whatever makes filtering more advanced in scanning and blocking for malware in emails."
"The solution needs more in-depth analytics."
"In the next version of this solution, I would like to see the addition of local authentication."
"The initial setup is a bit complex because you need to execute existing antiviruses or security software that you have on your device."
"In the next release, I would for it to have back up abilities. I would like the ability to go back to a point in time to when my PC was uninfected and to the moment of when the infection happened."
"The reporting and analytics areas of the solution need to be improved."
"I would like more seamless integration."
"Previously, the endpoint would leave the environment, not being on our VPN, essentially unable to interact with the server to upload files. It was unable to retrieve new file verdicts. It was using a thing called "local analysis" to determine if something was a malicious file or not. There was no dynamic analysis."
"Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and its nothing that should be an issue. Some antivirus engines recognize Traps as an threat component, so maybe they need to shake hands somewhere."
"There are some default policies which sometimes affect our applications and cause them to run around. In the hotel industry, we use a different type of data versus Oracle and SQL. By default, there are some policies which stop us from running properly. Because of this, the support level is also not that strong. We have to wait to get a results."
"There are some false positives. What our guys would have liked is that it would have been easier to manipulate as soon as they found a false positive that they knew was a false positive. How to do so was not obvious. Some people complained about it. The interface, the ESM, is not user-friendly."
"Managing the product should be easier."
"Currently, if you use Palo Alto endpoint protection as the only solution it's very complicated to remove pre-existing threats."
"In the next release, I would like to see more UI improvements. Their UI is a bit basic. When we are speaking about Palo Alto Networks they are the big company, so they can improve the UI a little bit. The UI, the reports, the log system can all be improved."
"The solution needs better reports. I think they should let the customer go in and customize the reports."
"I would like to see better integration with their other security products to give better visibility from a higher level."
"The GUI is very complex and could be more user friendly."
"I am not sure if I will be using this product in the future because of the price."
"If they integrate with the EDR then it will benefit this solution."
"The scanning is slow when it is working with incoming emails."
"Its price could be better."
"Its interface can be improved a little bit. We would like to have some sort of centralization. It should have something like a central server that is managing all the other clients. There are solutions from Kaspersky or ESET NOD32 that are really doing this kind of thing currently. We would like to see something similar from Microsoft."
Pricing and Cost Advice
"The costs of 50 licenses of AMP for three years is around $9,360."
"The price is very good."
"The visibility that we have into the endpoint and the forensics that we're able to collect give us value for the price. This is not an overly expensive solution, considering all the things that are provided. You get great performance and value for the cost."
"Whenever you are doing the licensing process, I would highly advise to look at what other Cisco solutions you have in your organization, then evaluate if an Enterprise Agreement is the best way to go. In our case, it was the best way to go. Since we had so many other Cisco products, we were able to tie those in. We were actually able to get several Cisco security solutions for less than if we had bought three or four Cisco security solutions independently or ad hoc."
"In our case, it is a straightforward annual payment through our Enterprise Agreement."
"Our company was very happy with the price of Cisco AMP. It was about a third of what we were paying for System Center Endpoint Protection."
"There are a couple of different consumption models: Pay up front, or if you have an enterprise agreement, you can do a monthly thing. Check your licensing possibilities and see what's best for your organization."
"The Enterprise Agreement is like an all-you-can-eat buffet of Cisco products. In that vein, it was very affordable."
"We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."
"It is "expensive" and flexible."
"Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
"I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."
"It is cost-effective compared to similar solutions. It fits for the small businesses through to the big businesses."
"The return on investment is from the user side because we have seen the performance of it increase the delivery time of the product if we are using too many web-based and on-premise applications. In indirect ways, we saw the return of investment in terms of performance and user satisfaction increase."
"When we first bought it, it was a bit expensive, but it was worth it. The licensing was straightforward."
"The price was fine."
"If you don't purchase the advanced threat protection then there is no additional charge."
"Microsoft Defender ATP is expensive."
"When compared with other vendors, the pricing is very high."
"We sell this product as part of Office 365 and it is not expensive."
"It is within the same range as other products. It is not too expensive, and it is also not cheap. Its price can be better, but, well, it is Microsoft."
"Currently, for us, Windows Defender is free with the purchase of Windows Server. Pricing is an important point for us when we are looking at the competitors of this solution. If we choose to go with another vendor, we will have to pay some license fees."
Questions from the Community
Top Answer: The solution's integration capabilities are excellent. It's one of the best features.
Top Answer: Nice to have URL management, password protection of the app, more details of the machine & user running the app.
Top Answer: The primary use case is for endpoint protection. For the larger deployments, we use it for our policy enforcement as… more »
Ask a question
Earn 20 points
Compared 14% of the time.
Compared 12% of the time.
Compared 9% of the time.
Compared 7% of the time.
Compared 2% of the time.
Compared 18% of the time.
Compared 13% of the time.
Compared 10% of the time.
Compared 6% of the time.
Compared 3% of the time.
Compared 20% of the time.
Compared 9% of the time.
Compared 8% of the time.
Compared 8% of the time.
Compared 5% of the time.
Also Known As
|Cyvera, Cortex XDR, Palo Alto Networks Traps||Microsoft Defender ATP, Microsoft Defender Advanced Threat Protection|
|Cisco||Palo Alto Networks||Microsoft|
Advanced Malware Protection (AMP) is subscription-based, managed through a web-based management console, and deployed on a variety of platforms that protects endpoints, network, email and web Traffic. AMP key features include the following: Global threat intelligence to proactively defend against known and emerging threats, Advanced sandboxing that performs automated static and dynamic analysis of files against more than 700 behavioral indicators, Point-in-time malware detection and blocking in real time and Continuous analysis and retrospective security regardless of the file's disposition and Continuous analysis and retrospective security.
Cortex XDR by Palo Alto Networks is the world's first detection and response app that natively integrates network, endpoint and cloud data to stop sophisticated attacks. Cortex XDR by Palo Alto Networks accurately detects threats with behavioral analytics and reveals the root cause to speed up investigations.
Microsoft Defender ATP includes a configuration score to help you dynamically assess the security state of your enterprise network, identify unprotected systems, and take recommended actions to improve the overall security of your organization.
Learn more about Cisco AMP for Endpoints
Learn more about Cortex XDR by Palo Alto Networks
Learn more about Microsoft Defender for Endpoint
|Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial Bank||CBI Health Group, University Honda, VakifBank||Petrofrac, Metro CSG, Christus Health|
Financial Services Firm7%
Comms Service Provider29%
Computer Software Company23%
Financial Services Firm4%
Mining And Metals Company14%
Program Development Consultancy7%
Computer Software Company27%
Comms Service Provider21%
Comms Service Provider26%
Computer Software Company21%
Financial Services Firm7%
Cortex XDR by Palo Alto Networks is ranked 5th in Endpoint Protection (EPP) for Business with 20 reviews while Microsoft Defender for Endpoint is ranked 20th in Endpoint Protection (EPP) for Business with 7 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Microsoft Defender for Endpoint is rated 7.6. The top reviewer of Cortex XDR by Palo Alto Networks writes "Its multi-layer approach helps my organization with anti-malware, exploit protection, and restrictions". On the other hand, the top reviewer of Microsoft Defender for Endpoint writes "Good with vulnerability assessment and integrates well with Office 365 and Azure". Cortex XDR by Palo Alto Networks is most compared with CrowdStrike Falcon, Symantec End-user Endpoint Security, Microsoft Defender Antivirus, Carbon Black CB Defense and Check Point Endpoint Security, whereas Microsoft Defender for Endpoint is most compared with CrowdStrike Falcon, FireEye Endpoint Security, Tanium, SentinelOne and Symantec Endpoint Detection and Response. See our Cortex XDR by Palo Alto Networks vs. Microsoft Defender for Endpoint report.
See our list of best Endpoint Protection (EPP) for Business vendors.
We monitor all Endpoint Protection (EPP) for Business reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.