Cortex XDR by Palo Alto Networks Overview

Cortex XDR by Palo Alto Networks is the #1 ranked solution in our list of XDR Security products. It is most often compared to CrowdStrike Falcon: Cortex XDR by Palo Alto Networks vs CrowdStrike Falcon

What is Cortex XDR by Palo Alto Networks?

Cortex XDR by Palo Alto Networks is the world's first detection and response app that natively integrates network, endpoint and cloud data to stop sophisticated attacks. Cortex XDR by Palo Alto Networks accurately detects threats with behavioral analytics and reveals the root cause to speed up investigations.

Cortex XDR by Palo Alto Networks is also known as Cyvera, Cortex XDR, Palo Alto Networks Traps.

Cortex XDR by Palo Alto Networks Buyer's Guide

Download the Cortex XDR by Palo Alto Networks Buyer's Guide including reviews and more. Updated: February 2021

Cortex XDR by Palo Alto Networks Customers

CBI Health Group, University Honda, VakifBank

Cortex XDR by Palo Alto Networks Video

Pricing Advice

What users are saying about Cortex XDR by Palo Alto Networks pricing:
  • "When we first bought it, it was a bit expensive, but it was worth it. The licensing was straightforward."
  • "Its pricing is kind of in line with its competitors and everybody else out there."
  • "The pricing is a little high. It is per user per year."

Cortex XDR by Palo Alto Networks Reviews

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
Netw9886
Network Manager of Cyber Defence at a government with 1,001-5,000 employees
Real User
Mar 4, 2019
Runs in the background and sends things directly to the cloud for sandboxing

What is our primary use case?

We used it for malware detection and to detect weird DNS calls. Overall, it was for endpoint protection.

Pros and Cons

  • "The most valuable features are the fact that it was running in the background and it would intercept any weird stuff, and the fact that it would send things directly to the cloud for sandboxing. It's quite practical."
  • "There are some false positives. What our guys would have liked is that it would have been easier to manipulate as soon as they found a false positive that they knew was a false positive. How to do so was not obvious. Some people complained about it. The interface, the ESM, is not user-friendly."

What other advice do I have?

Make sure you have a proper inventory of all the applications running. That's something we should have done to start with. We intended to do so but because we're using very strange applications to deal with satellite imagery, and it was giving us some issues. For somebody who's using the standard Microsoft Office, it's really straightforward. But if you have exotic applications, then make sure you test it before you deploy it. You will have issues. To maintain it, the only thing you have to do is download the latest updates and install them. After that, the only maintenance you need is…
reviewer1237689
Network Designer at a computer software company with 1,001-5,000 employees
Real User
Oct 23, 2020
Easy to set up with excellent trend analytics and isolation feature

What is our primary use case?

We primarily use the product as endpoint security which we have deployed on all servers and locations. This is not limited to the endpoint, however, as it has further integration with the firewalls and email solutions. Therefore, it can give us quick visibility in case there is any malicious or suspicious activity happening.

Pros and Cons

  • "The initial setup is pretty easy."
  • "In reporting they should have a customizable dashboard due to the fact that C-level people don't like reporting to the IT department. They prefer to have a real-time dashboard. That kind of dashboard needs to have various customizations."

What other advice do I have?

While we deal with the cloud deployment model, we've also often used the on-premises deployment. I'd advise other companies to use the solution. It really is the best one out there. Overall, I'd rate the solution nine out of ten. The reporting is a bit weak, and it's my understanding they are working on that. However, performance-wise and security-wise, this is the best product.
Learn what your peers think about Cortex XDR by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: February 2021.
464,369 professionals have used our research since 2012.
reviewer1388277
Senior Information Security Architect at a tech services company with 201-500 employees
Real User
Aug 4, 2020
Great machine learning capabilities, a strong cloud platform and good overall features

What is our primary use case?

I primarily use this solution for my clients. I don't use the solution myself.

Pros and Cons

  • "It collects and caches and the knowledge of machine learning from different customers to take to the cloud. It makes it better to use for everybody. It allows for quick learning and updates and can, therefore, offer zero-day malware security. This sharing of metadata helps make the solution very safe."
  • "The solution can never really be an on-premises solution based simply on the way it is set up. It needs metadata to run and improve. Having an on-premises solution would cut it off from making improvements."

What other advice do I have?

We have a partnership with Palo Alto. I'm a consultant, I'm pre-sales as a technical sales engineer. I try to show the value of any product for the customer. I don't actually use the solution myself. The solution does not have an on-premises option. It's only available on the cloud. For XDR new users just need to make sure they have the right policies in place. The solution does offer pre-configured policies. Organizations will want to make sure it is actually fitting them in the places where they will be working best. It's important as well that they don't make it a default selection. Users…
ConsulSec67
Security Consultant at a tech services company with 51-200 employees
Reseller
Jul 16, 2019
Great security protection modules and is a very stable solution

Pros and Cons

  • "It's very stable. I've never experienced downtime for the ASM console or ASM core."
  • "In the next release, I would like to see more UI improvements. Their UI is a bit basic. When we are speaking about Palo Alto Networks they are the big company, so they can improve the UI a little bit. The UI, the reports, the log system can all be improved."

What other advice do I have?

The main advice I can share is to watch out for your database and make sure to give it enough resources. That's it. I would rate this solution eight out of 10.
Jeff Wolach
Vice President / Chief Technology Officer at Sinnott Wolach Technology Group
Reseller
Top 20
Jan 8, 2021
A stable, scalable, and user-friendly solution that comes with good support and stitches everything together to provide the actual complete picture

What is our primary use case?

We use it for our own company as well for our clients. It is mainly used for protecting the endpoints. Like everybody else nowadays, we're all working from home, and we have access to data on the public cloud, private cloud, and on-prem. We got to make sure that we're not exposing our endpoints to anything out there that could be malicious and that could cause any problems within our networking environment.

Pros and Cons

  • "The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly. The way they have done everything and integrated all the solutions that they've purchased over the years to make it a very seamless, effective product is very good. One thing about Palo Alto is that they take the products or services that they purchase and make them seamless for the end user as compared to some companies that purchase other companies and then just kind of have their products off to the side or keep different interfaces. Palo Alto doesn't do that."
  • "A little bit more automation would be nice."

What other advice do I have?

You don't have to be a Palo Alto customer to implement this solution. Some people think they have to, but no. It is a completely separate solution on its own. I would highly recommend it just because it is a complete package. It not only takes in data from your endpoint; it also takes in data from other sources that are not Palo Alto and helps to create the story about what's going on by stitching things together. I would rate Cortex XDR a nine out of ten. It is pretty good. The reason for giving a nine is that there is always room for improvement.
reviewer1371849
CIO/CTO at a manufacturing company with 501-1,000 employees
Real User
Top 5
Jul 10, 2020
Good GUI, however lacks features overall and tends to eat memory

What is our primary use case?

We primarily use the solution for our endpoint server and endpoint protection.

Pros and Cons

  • "They have a new GUI which is just fantastic."
  • "There's an overall lack of features."

What other advice do I have?

We simply use the solution as a customer. I would not recommend the solution. I'd advise other companies to rather go with Palo Alto's firewall as a better option. I've already advised others not to touch it. It's not worth it at all to even consider using it. I'd rate the solution six out of ten. Their new GUI is very nice, however, as a professional service, it's lacking in a lot of areas.
Darshil Sanghvi
Technology Consultant at a tech services company with 501-1,000 employees
Consultant
Top 5
Nov 27, 2020
User friendly, stable, and automatically correlates events and logs

What is our primary use case?

We mainly use it for endpoint protection, exploit prevention, and malware prevention.

Pros and Cons

  • "It can automatically correlate events and logs, which is very helpful for an IT administrator. It can correlate different kinds of malware activities over a network, agent, or host system. You do not need to do it manually. It is a good feature. It is also a user-friendly solution. We have deployed it on the cloud because our space does not provide any flexibility for on-premises deployment, but Palo Alto has added some flexibility to install it on-premises. It must be like the same Cortex XDR agent for all the VPN services, web filtering services, and everything else."
  • "It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc."

What other advice do I have?

If you are looking for security, mainly for advanced threat prevention from ransomware and malware attacks, I would recommend Cortex. Even if you want to integrate your firewall, I would recommend Cortex, but if you are looking for a single product with multiple options or features, such as DLP, encryption, rollback, and other features, I would not recommend Cortex. I would rate Cortex XDR a nine out of ten.
Fred TANG
System Manager at a consumer goods company with 10,001+ employees
Real User
Top 5Leaderboard
Aug 30, 2020
This is a recommended solution for total end-to-end protection

What is our primary use case?

We are still in the testing stages so there is not currently any primary use case beyond the base use of endpoint protection.

Pros and Cons

  • "Being a cloud solution it is very flexible in serving internal and external connections and a broad range of devices."
  • "The connection to the internet has not performed as expected."

What other advice do I have?

My suggestion for people considering this product is that Cortex is a very good total solution on the endpoints. Because I needed Cortex to work for external and internal users and devices, it helps that it is cloud-based because it is good for working in the office or other locations. So we wanted to have the total end-to-end protection including on the mobile devices, that is what we got. This product will be a good suggestion for people who need the same capability. On a scale from one to ten where one is the worst and ten is the best, I would rate Cortex XDR as around nine-out-of-ten. The…
See 11 more Cortex XDR by Palo Alto Networks Reviews
Buyer's Guide
Download our free Cortex XDR by Palo Alto Networks Report and get advice and tips from experienced pros sharing their opinions.