Palo Alto Networks Cortex XSOAR Overview

Palo Alto Networks Cortex XSOAR is the #3 ranked solution in our list of SOAR tools. It is most often compared to Splunk Phantom.

What is Palo Alto Networks Cortex XSOAR?

Demisto Enterprise delivers a complete solution that helps Tier-1 through Tier-3 analysts and SOC managers optimize the entire incident life cycle while automatically documenting and journaling all the evidence. More than 100 integrations enable security orchestration workflows for incident management and other critical security operations tasks.

Palo Alto Networks Cortex XSOAR is also known as Demisto Enterprise, Cortex XSOAR, Demisto.

Buyer's Guide

Download the Security Orchestration Automation and Response (SOAR) Buyer's Guide including reviews and more. Updated: June 2021

Palo Alto Networks Cortex XSOAR Customers

Cellcom Israel, Blue Cross and Blue Shield of Kansas City, esri, Cylance, Flatiron Health, Veeva, ADT Cybersecurity

Pricing Advice

What users are saying about Palo Alto Networks Cortex XSOAR pricing:
  • "There is a yearly license required for this solution and it is expensive."
  • "From the cost perspective, I have heard that its price is a bit high as compared to other similar products."
  • "There is a perception that it is priced very high compared to other solutions."

Tech Lead at a tech services company with 1,001-5,000 employees
Real User
Top 5 Leaderboard
User-friendly and robust with good technical support

What is our primary use case?

I primarily pitch and sell this solution to our customers. We do product assessments and consult with customers for the most part. Clients can use it for automation.

Pros and Cons

  • "The automation is excellent."
  • "When Palo Alto bought the solution, the pricing increased by 1.5 times. There's been a 50% increase, which is a lot."

What other advice do I have?

We are a partner for Palo Alto. I have been certified with them. I did certifications around their certificates when they were Demisto; however, right now, we are Palo Alto partners. It's not a SIEM product; however, it's a next-gen automation platform for SIEM SOC services. I'd advise companies considering the solution to assess the existing environment before they go ahead and choose something. This solution is basically built for a vast organization or a medium and big organization. Smaller organizations have other options which are available to them that might be more appropriate…
Regional Director, Customer Success (GTM Solutions & Services) at a tech services company with 51-200 employees
MSP
Top 5 Leaderboard
Easy to set up with good technical support and good stability

What is our primary use case?

We primarily use the solution for automation and the orchestration of security.

Pros and Cons

  • "The pricing is very good."
  • "The user interface could be a bit better."

What other advice do I have?

We have the solution integrated into our QRadar. In the time we've used it, from what I've experienced, I'd rate the product at an eight out of ten. We've had a very positive experience. I would recommend the solution to other companies.
Consultant at a tech services company with 501-1,000 employees
Real User
Top 5 Leaderboard
High level log overviews, integrates well, and effective orchestration

What is our primary use case?

We are using this solution to have a completely organized SOC from a list of devices in our environment. We are able to manage all of our devices, such as firewalls and endpoint protection solutions.

Pros and Cons

  • "The most valuable features are the orchestration because of the way in which it coordinates the loss from all the devices and it provides us with a high-level overview of the critical log information."
  • "There should be an on-premise version available for customers to have different choices."

What other advice do I have?

I would recommend this solution to those that already have a SOC or a NOC. It will enhance their logs and XSOAR will handle their internet activities. If they are not involved with SOCs or NOCs then I do not think they require this solution. I rate Palo Alto Networks Cortex XSOAR an eight out of ten.
Network Security Engineer at a tech services company with 201-500 employees
Real User
Top 5
Very scalable, awesome automation, and awesome technical support

What is our primary use case?

The use cases basically came from the customers. Most of the time, the major concern is from a security perspective because various kinds of attacks are happening. To restrict or stop those attacks, we are building playbooks. We are also automating repetitive tasks. We are using on-premise as well as cloud deployments.

Pros and Cons

  • "The automation part and the playbook creation part are awesome. The way it is responding to the customers and incidents is also very good. In the SOC environment, I guess it will carry out around 50% of the work."
  • "For building automation, there is not a lot of good documentation. The documentation is there, but it is not very good from my perspective. There should be an improvement in this area. I don't see issues with anything else. In terms of new features, I have heard that other products have EBA functionality. It would be good if this functionality could be added."

What other advice do I have?

For each SOC and MSS environment, I would recommend using Cortex XSOAR for better productivity, scalability, performance, and efficiency. A lot of manual work is happening right now, and that could be avoided. People can be utilized for more productive work. I would rate Palo Alto Networks Cortex XSOAR an eight out of ten.
Director at a tech services company with 11-50 employees
Reseller
Top 5 Leaderboard
Simple to use, good documentation, and integrates well into the environment

What is our primary use case?

We are a solution provider and this is one of the products that we are selling to our clients.

Pros and Cons

  • "The most valuable features are simplicity and ease of integration."
  • "Implementing this solution requires a lot of involvement from the vendor and it should be made easier for the partners."

What other advice do I have?

Demisto is a product that I recommend. I would rate this solution an eight out of ten.