We performed a comparison between Palo Alto Networks Cortex XSOAR and SECDO Platform based on real PeerSpot user reviews.
Find out what your peers are saying about Microsoft, Palo Alto Networks, Splunk and others in Security Orchestration Automation and Response (SOAR)."The most valuable feature is the onboarding of the workloads. You can see all that has been onboarded in your account on the dashboards."
"The most valuable feature is the UEBA. It's very easy for a security operations analyst. It has a one-touch analysis where you can search for a particular entity, and you can get a complete overview of that entity or user."
"The connectivity and analytics are great."
"Microsoft Sentinel comes preloaded with templates for teaching and analytics rules."
"Free ingestion for Azure logs (with E5 licence)"
"Native integration with Microsoft security products or other Microsoft software is also crucial. For example, we can integrate Sentinel with Office 365 with one click. Other integrations aren't as easy. Sometimes, we have to do it manually."
"The analytics has a lot of advantages because there are 300 default use cases for rules and we can modify them per our environment. We can create other rules as well. Analytics is a useful feature."
"The main benefit is the ease of integration."
"I am satisfied with the product overall."
"Many different playbooks are available and can be customized."
"The most valuable feature is its capability to automate responses and collect information for any security event before you even delve into the details. It's a vast product with an active roadmap, so I'm satisfied with it for now. It's very efficient at data collection and correlation."
"It is quite scalable. I would rate it a ten out of ten."
"It is a scalable solution."
"I chose Cortex XSOAR because the client also has Palo Alto firewalls. I can incorporate the data from the Palo Alto firewalls into Cortex and send it into the same data lake to manipulate that data. It lets me manage and monitor the data in one place."
"Palo Alto has gotten the investigators more presence to actually go in the report because being that the platform will email the investigator that it's been assigned to, now the investigators will jump in there and start going through the review process a lot quicker."
"The most valuable features of Palo Alto Networks Cortex XSOAR are its overall track record and features that fit our use case."
"Technical support is great. Palo Alto is extremely helpful and responsive."
"It basically automates the entire alert investigation process."
"The ease of deployment is a valuable feature."
"Documentation is the main thing that could be improved. In terms of product usage, the documentation is pretty good, but I'd like a lot more documentation on Kusto Query Language."
"I would like to see more AI used in processes."
"Sentinel provides decent visibility, but it's sometimes a little cumbersome to get to the information I want because there is so much information. I would also like to see more seamless integration between Sentinel and third-party security products."
"When it comes to ingesting Azure native log sources, some of the log sources are specific to the subscription, and it is not always very clear."
"Sometimes, we are observing large ingestion delays. We expect logs within 5 minutes, but it takes about 10 to 15 minutes."
"The learning curve could be improved. I am still learning it. We were able to implement the basic features to get them up and running, but there are still so many things that I don't know about all its features. They have a lot of features that we have not been able to use or apply. If they could work on reducing the solution's learning curve, that would be good. While there is a training course held by Microsoft to learn more about this solution, there is a cost associated with it."
"They can work on the EDR side of things... Every time we need to onboard these kinds of machines into the EDR, we need to do it with the help of Intune, to sync up the devices, and do the configuration. I'm looking for something on the EDR side that will reduce this kind of work."
"If Sentinel had a graphical user interface, it would be easier to use. I would also like it to be more customizable."
"Palo Alto needs to develop more AI-centric products."
"I think they should increase their collaboration base."
"It doesn't offer automatic internet reports out of the box."
"The formats are not compatible, are readily not available, and are not readable."
"There should be an on-premise version available for customers to have different choices."
"The solution is very expensive."
"The solution requires DV but does not support open-source DV elastic searches."
"The dashboard could be better."
"The price should be reduced in order to be more competitive in the market."
"Many will try to use this as an out-of-the-box solution, however, it needs to be configured to fit what a company would like to do with it."
"Maybe the notifications setting could use a simpler setting."
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →
Earn 20 points
Palo Alto Networks Cortex XSOAR is ranked 2nd in Security Orchestration Automation and Response (SOAR) with 41 reviews while SECDO Platform is ranked 9th in Security Incident Response. Palo Alto Networks Cortex XSOAR is rated 8.4, while SECDO Platform is rated 9.0. The top reviewer of Palo Alto Networks Cortex XSOAR writes "Enables the investigators to go through the review process a lot quicker". On the other hand, the top reviewer of SECDO Platform writes "Great documentation, good technical support, and very in-depth". Palo Alto Networks Cortex XSOAR is most compared with Cortex XSIAM, Splunk SOAR, Fortinet FortiSOAR, Swimlane and IBM Resilient, whereas SECDO Platform is most compared with Fortinet FortiSOAR.
We monitor all Security Orchestration Automation and Response (SOAR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.