Cortex XDR by Palo Alto Networks Alternatives and Competitors

Get our free report covering CrowdStrike, Broadcom, Microsoft, and other competitors of Cortex XDR by Palo Alto Networks. Updated: April 2021.
502,104 professionals have used our research since 2012.

Read reviews of Cortex XDR by Palo Alto Networks alternatives and competitors

MK
Dy General Manager at a real estate/law firm with 501-1,000 employees
Real User
Top 5 Leaderboard
Great user experience, very little maintenance required, and easy to set up

What is our primary use case?

The solution is primarily being used at our endpoint, which includes roaming users with laptops. It is being used in all of our servers at our data center. Our security team can monitor everything centrally using the Falcon dashboard. If there is an incident, our team can actually go to the root cause of the incident to try to solve it there.

Pros and Cons

  • "There's almost no maintenance required. It's very low if there's any at all."
  • "The solution needs to have integration with on-premises security devices and security facilities. That means all the security products, including the perimeter firewall, the DMZ."

What other advice do I have?

We're a customer. We don't have a business partnership with this solution. I'm not sure which version of the solution we're using right now. It is the latest, as far as I know. We're currently running a POC with it. In today's environment, it's very crucial to protect a company from ransomware and malware. We focus mainly on avoiding these types of attacks. We're always interested in the latest tools that have the latest techniques and are effective in our environment. On top of that, we've noticed during the pandemic, there are even more threats happening. We need to focus most of our energy…
MP
Senior Director, Platform Development at a tech services company with 51-200 employees
Real User
Top 10
Self-monitoring, easy to deploy, and stable

What is our primary use case?

We have a bunch of instances in production and Dev infrastructure. We use it to protect Linux boxes, PCs, and Macs. We are using the latest version.

Pros and Cons

  • "The ease of deployment and the command center that they have are the most valuable. It is basically self-monitoring. It doesn't require that much tinkering after you deploy or install."
  • "It could have a 10,000-feet overview of the whole infrastructure because the software is easily installable on the whole infrastructure and not just the infrastructure, but also the workstations themselves. I would love to have a 360 view of the whole network and basically see from where a test is coming, and if there is an instance in the cloud that is actually misbehaving or if there is a workstation that is infected and stuff like that. It can also have some kind of AI to detect all those things and then cut off the connection from that machine. In Cortex, you can link the logs, reports, and all that stuff. You can also see the full picture of when it happened, and you can trace it back all the way to a file or something else. I would like to see similar functionality in Avast Business Endpoint Protection."

What other advice do I have?

It is pretty much straightforward to set up. Installation and updates are the only two steps. If you're setting up your company from scratch in the beginning, then I would suggest buying it and then basically getting it installed on every image. For a bigger company or for each personal computer or workstation, you can install it as an image. It will then already be there, and you don't have to bother with installing it later. For your cloud infrastructure, if you have an AMI, AWS, or any kind of image, that image should be updated with that software. The only thing that you need to change is the…
IG
Senior Infrastructure and Security Engineer at a manufacturing company with 51-200 employees
Real User
Top 20
Allows us to lock the environment pretty tightly and protects our organization

Pros and Cons

  • "I like its protection very much. It protects and allows us to lock the environment pretty tightly. Nothing that is not approved through Carbon Black can run in the environment. There is no default. Everything goes through Carbon Black Protect, and everything has to be first approved. Every software is considered to be guilty before proven innocent."
  • "It could be a bit complicated. You have to be very familiar with Carbon Black to understand what it is doing and why it is doing it. I would like to have more explanations and simplification in the user interface. It would be good to get help and see more explanations. It should tell us that a software is blocked and the reason for it. It would be good to be able to build chains in terms of what caused what, what worked, and what caused an issue. We are now moving from Carbon Black to Cortex XDR. While choosing antivirus software, we were also looking at Carbon Black because it also has an antivirus package, and it is next-generation, but we were told that Carbon Black doesn't support firewalls. We have Palo Alto firewalls. We would have chosen this solution if it supported firewalls, in particular next-generation firewalls, but unfortunately, it doesn't. Therefore, we decided on Cortex XDR because it integrates with Palo Alto firewalls."

What other advice do I have?

It does everything that we need. We can configure it very strongly and lock the environment, which sometimes can create an administrative headache for us and some hassle for users because the users cannot install some of the software and have to ask us to enable the software, but it is exactly what we wanted. I'm pretty happy with this solution, but unfortunately, at this point, we will have to stop using this solution, but this is not what we want. We are going to use Cortex XDR, but we are not sure if it is possible to work back to back with Carbon Black. Cortex initially told us that Carbon…
CL
Cyber Security Consultant at a tech services company with 10,001+ employees
Real User
Good ability to respond to zero-day and unknown threats, but automating the threat response needs improvement

What is our primary use case?

We are an IT company and this is one of the solutions that we implement for our customers. I am a pre-sales solution architect in charge of cybersecurity.

Pros and Cons

  • "The most valuable feature is the ability to respond to zero-day and unknown threats."
  • "Our customers would like to see more automation with respect to how threats are handled once they have been detected."

What other advice do I have?

I have not received much feedback but Cylance seems to be able to meet our customers' requirements for the time being. I would rate this solution a seven out of ten.
RD
System / Network Administrator at a financial services firm with 51-200 employees
Real User
Has good configuration and is easy and simple to use

What is our primary use case?

We use the private deployment model of this solution. Our cloud provider is Microsoft. Our primary use case of FortiClient is for administrative purposes.

What is most valuable?

The configuration is the most valuable feature. It is also simple and easy to use. 

What needs improvement?

The pricing could use improvement. It should be cheaper. The reporting can also always be better.

For how long have I used the solution?

I have been using FortiClient for a few months now.

What do I think about the stability of the solution?

It is stable. 

What do I think about the scalability of the solution?

We have around ten users using this solution. They are primarily system administrators. We require only three people for the maintenance. 

How are
