Palo Alto Networks Cortex XSOAR Overview

Palo Alto Networks Cortex XSOAR is the #3 ranked solution in our list of SOAR tools. It is most often compared to Splunk Phantom.

What is Palo Alto Networks Cortex XSOAR?

Demisto Enterprise delivers a complete solution that helps Tier-1 through Tier-3 analysts and SOC managers optimize the entire incident life cycle while auto-documenting and journaling all the evidence. More than 100 integrations enable security orchestration workflows for incident management and other critical security operation tasks.

Palo Alto Networks Cortex XSOAR is also known as Demisto Enterprise, Cortex XSOAR, Demisto.

Buyer's Guide

Download the Security Orchestration Automation and Response (SOAR) Buyer's Guide including reviews and more. Updated: September 2021

Palo Alto Networks Cortex XSOAR Customers

Cellcom Israel, Blue Cross and Blue Shield of Kansas City, esri, Cylance, Flatiron Health, Veeva, ADT Cybersecurity

Pricing Advice

What users are saying about Palo Alto Networks Cortex XSOAR pricing:
  • "It is approx $10,000 or $20,000 per year for two user licenses."
  • "There is a yearly license required for this solution and it is expensive."
  • "From the cost perspective, I have heard that its price is a bit high as compared to other similar products."
  • "There is a perception that it is priced very high compared to other solutions."

ML
Splunker, Networking and E-Mail Security Architect, Engineer and Guru at a healthcare company with 10,001+ employees
Real User
Top 20
Easy to use, stable, scalable, and has responsive support

What is our primary use case?

We use Palo Alto Networks Cortex XSOAR for several areas of security automation, such as phishing, investigating, mitigating, the detection of impossible travel, and consolidating threat information for our internal systems.

Pros and Cons

  • "It has an extensive list of integrations that are available out of the box which makes it easy to start."
  • "I would love to see more flexibility on what we can display and design on the dashboards."

What other advice do I have?

Have a very good understanding of what you want to automate. Define the process and make sure the integrations you need are available out of the box. I would also suggest starting simple. Try easy use cases first, until you feel confident, before you get into more complex use cases. I would rate Palo Alto Networks Cortex XSOAR a nine out of ten.
reviewer1285209
Tech Lead at a tech services company with 1,001-5,000 employees
Real User
Top 5 Leaderboard
User-friendly and robust with good technical support

What is our primary use case?

I primarily pitch and sell this solution to our customers. We do product assessments and consult with customers for the most part. Clients can use it for automation.

Pros and Cons

  • "The automation is excellent."
  • "When Palo Alto bought the solution, the pricing increased by 1.5 times. There's been a 50% increase, which is a lot."

What other advice do I have?

We are a partner for Palo Alto. I have been certified with them. I did certifications around their certificates when they were Demisto, however, right now, we are Palo Alto partners. It's not a SIEM product, however, it's a next-gen automation platform for SIEM SOC services. I'd advise companies considering the solution to assess the existing environment before they go ahead and choose something. This solution is basically built for a vast organization or a medium and big organization. Smaller organizations have other options which are available to them that might be more appropriate…
SB
Vice President Global Technology Infrastructure Automation at a financial services firm with 10,001+ employees
Real User
Top 5 Leaderboard
Detects and whitelists certain IP addresses based on where they're coming from

What is our primary use case?

We use Palo Alto as a firewall, a system for detecting and whitelisting certain IP addresses or to block certain IP addresses based on where they're coming from. We then send the logs to another log management tool for more forensics and analysis before we make a decision. We're basically using Palo Alto for firewalling and sending those logs to another security monitoring tool to make decisions based on analytics that it provides us.

Pros and Cons

  • "The solution is very reliable."
  • "The solution is very expensive."

What other advice do I have?

I'm not sure which version of the solution we're using at this time. I'd rate the solution at an eight out of ten. We've been quite pleased with its capabilities. The only thing is it is pretty expensive. I'd recommend other users work both with Palo Alto and Fortinet. They are great together. They complement each other nicely.
RP
Regional Director, Customer Success (GTM Solutions & Services) at a tech services company with 51-200 employees
MSP
Top 5 Leaderboard
Easy to set up with good technical support and good stability

What is our primary use case?

We primarily use the solution for automation and the orchestration of security.

Pros and Cons

  • "The pricing is very good."
  • "The user interface could be a bit better."

What other advice do I have?

We have the solution integrated into our QRadar. In the time we've used it, from what I've experienced, I'd rate the product at an eight out of ten. We've had a very positive experience. I would recommend the solution to other companies.
Darshil Sanghvi
Consultant at a tech services company with 501-1,000 employees
Reseller
Top 5 Leaderboard
High level log overviews, integrates well, and effective orchestration

What is our primary use case?

We are using this solution to have a completely organized SOC from a list of devices in our environment. We are able to manage all of our devices, such as firewalls and endpoint protection solutions.

Pros and Cons

  • "The most valuable features are the orchestration because of the way in which it coordinates the loss from all the devices and it provides us with a high-level overview of the critical log information."
  • "There should be an on-premise version available for customers to have different choices."

What other advice do I have?

I would recommend this solution to those that already have a SOC or a NOC. It will enhance their logs and XSOAR will handle their internet activities. If they are not involved with SOCs or NOCs then I do not think they require this solution. I rate Palo Alto Networks Cortex XSOAR an eight out of ten.
Shubham Agarwal
Network Security Engineer at a tech services company with 201-500 employees
Real User
Top 10
Very scalable, awesome automation, and awesome technical support

What is our primary use case?

The use cases basically came from the customers. Most of the time, the major concern is from a security perspective because various kinds of attacks are happening. To restrict or stop those attacks, we are building playbooks. We are also automating repetitive tasks. We are using on-premise as well as cloud deployments.

Pros and Cons

  • "The automation part and the playbook creation part are awesome. The way it is responding to the customers and incidents is also very good. In the SOC environment, I guess it will carry out around 50% of the work."
  • "For building automation, there is not a lot of good documentation. The documentation is there, but it is not very good from my perspective. There should be an improvement in this area. I don't see issues with anything else. In terms of new features, I have heard that other products have EBA functionality. It would be good if this functionality could be added."

What other advice do I have?

For each SOC and MSS environment, I would recommend using Cortex XSOAR for better productivity, scalability, performance, and efficiency. A lot of manual work is happening right now, and that could be avoided. People can be utilized for more productive work. I would rate Palo Alto Networks Cortex XSOAR an eight out of ten.
VS
Director at a tech services company with 11-50 employees
Reseller
Top 10
Simple to use, good documentation, and integrates well into the environment

What is our primary use case?

We are a solution provider and this is one of the products that we are selling to our clients.

Pros and Cons

  • "The most valuable features are simplicity and ease of integration."
  • "Implementing this solution requires a lot of involvement from the vendor and it should be made easier for the partners."

What other advice do I have?

Demisto is a product that I recommend. I would rate this solution an eight out of ten.