Cortex XDR by Palo Alto Networks Benefits

AK
Information Technology Manager at a hospitality company with 10,001+ employees

After deploying Traps, we saw the performance of the network improve by 65 to 70 percent. There was a drop in the latency rate over the application when accessed by our users. We received feedback from users that usually when they were downloading a bunch of things or browsing the Internet, ad popups would spring up, which are a gateway to bring viruses and stick in temp files. This improved a lot because Traps occasionally gives an alert to them to be careful, such as don't go and play on this site and download malicious things. The overall performance of the entire organization was improved because of this.

When I was monitoring Traps, during the period after we deployed it fully in our organization, there were around 125 users on it. We could see in a whole day that there were around 10 to 15 threats which kept popping up. Because I work in the hotel industry, we have a lot of emails which come through worldwide. They are for reservations and booking. Out of those 50 emails, five to six emails are malicious emails which have the extension of .exe files or other encrypted files. They could have had macros enabled in those files as well. Traps would alert us to these malicious files.

The network was infected when we were using Traps. One of the reservation computers was infected with ransomware. It was detected by Traps. In Traps, it shows up that they investigated the file, which was in a zip format. We uncompressed it to view the file and saw Traps detected this infection. It does analysis of all the files to an in-depth level, which was helpful for us to detect and avoid that infection being spread around.

AJ
Divisional Operations Director at a tech vendor with 1,001-5,000 employees

The key thing is the visibility of what's going on in our networks and on our end devices. It gives us visibility.

It provides the ability to query. I can query for any file or any IOC on any of the devices installed, and it will search for a data link.

CB
Senior System Administrator at a government with 10,001+ employees

I don't have to do much monitoring with it. I don't have to have anybody manually looking at this. It gives us reports, and it lets us know if something needs to be addressed, and we can easily address it. I've been pleased with it. It's been a really good product for us.

Buyer's Guide
Cortex XDR by Palo Alto Networks
March 2024
Learn what your peers think about Cortex XDR by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: March 2024.
765,234 professionals have used our research since 2012.
OS
Information Security Advisor, CISO & CIO, Docutek Services at Docutek Services

In organizations where they don't implement a NAC, this product helps stop threats at the endpoint level. Everything goes through the endpoint. By the time you get something to a server, you are compromised at your perimeter, and you might be compromised at your ID or main control. With a third-party, you need a NAC, so you can put on something like McAfee or you need authorization so the organization can scan your computer, then you can connect to the network.

We can't do that for a daily operation. We can't just have personnel waiting for someone to connect, and say, "We need to scan your computer before you go into our network. We don't have time for that." So, you need to implement a NAC. However, if you don't implement a NAC from day one of your business, it is very complicated to do it after many years because the NAC is not like a security software. You have to go server by server and do an assessment. Meanwhile, you need to protect your organization. So, you can use tools like Traps to manage your security, even stopping the threat at the last contact.

For organizations which do not have a NAC implemented, there has to be some type of endpoint security, and it needs to be tough, like Traps. With Traps, you can search events, manage them quickly, and locate any half exceptions. Traps' traffic is encrypted.

We like the features where you can quickly locate exceptions and can configure process exceptions. You are building your own defense. Therefore, you are not only relying on Palo Alto, but you are applying day-to-day operations of configured language that a tool can understand.

Rustam-Rustamli - PeerSpot reviewer
CISO at International Bank of Azerbaijan

We've seen benefits because the solution includes a big data approach to cyber security. All information is collected from the network, the endpoints, and the logs and analyzed by applying a big-data approach that shows up anomalies. 

WA
System Administrator at NATIONAL ASSOCIATION OF REALTORS

Previously, we had to install endpoint protection per machine and then scan and update. If there were any possible threats, then you would have to go manually to the machine and scan. Cortex XDR basically does that centrally and predictably.

We get notified, and if need be, we'll investigate an endpoint. For the most part, we haven't had to do a whole lot of that because most of the time, it just stops the threat before it even becomes one. So, we have more time to do day-to-day work rather than spend time chasing those endpoints.

AW
IT Security Administrator at a tech services company with 1-10 employees

It has quite a bit of functionality. So, if anything weird happens on our network, Cortex normally lets us know.

RH
Security Engineer at U.S. Acute Care Solutions

Traditional anti-virus is signature-based, whereas Traps is behavior-based. Therefore, it doesn't necessarily whitelist things, it looks for anything with bad behavior. Thus, we've had a significant increase in blocking with a decrease in false positives, because it's looking at how the files work, not just a list of files that it's been told to look for.

MartinPulpan - PeerSpot reviewer
Owner and Executive Director at Cloud 9 s.r.o.

Clients have a big problem with phishing campaigns and phishing attacks. Cortex XDR provides some level of protection against malware spreading in the network with a wrong click of users.

Jitendra_Singh - PeerSpot reviewer
Senior Vice President at Chi Networks

Cortex XDR alerts us on the dashboard when there's a threat, which allows us to restrict that user and helps secure our infrastructure.

Zubair Ahmad - PeerSpot reviewer
Senior Chief Manager at Arcil

PALO ALTO CORTEX XDR brings visibility of all activity going on in endpoint systems and servers. This helps us to investigate and take corrective action by blocking and allowing necessary services in the system.

LT
Lead IT Security Analyst at a mining and metals company with 1,001-5,000 employees

Its multi-layer approach helps my organization with anti-malware, exploit protection, and restrictions. A good analogy would be like peeling back an onion, getting through those layers. It gives you the confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind.

PM
Senior IT Specialist at a manufacturing company with 1,001-5,000 employees

It is mainly for monitoring and/or logging. We look at it to see if there are any log incidents. 

We are using its latest version. It is deployed as a hybrid.

MS
Sr. Technology Architect at Incedo Inc.

It's a very good solution and a single solution for the entire infrastructure; it gives us good correlation of incidents. A single solution for network, endpoints, and servers.

AG
Account Manager at CIPHER

It makes it easier and faster to investigate problems and incidents.

RR
Cybersecurity Engineer at GFR Media

Palo Alto Networks Traps improves our security posture and lowers risk by providing next-gen methods to combat against modern threats on all the major platforms.

JW
Vice President / Chief Technology Officer at Sinnott Wolach Technology Group

It has absolutely improved the way our organization functions. We are more secure. It is giving us more peace of mind, and it is doing what it is doing. It has found malicious activity happening on our endpoints that probably would not have been detected if we didn't have it.

MP
Technical Support Engineer at TD SYNNEX

Since IOC is already in the market, I can include it. I can ingest and manage it, whether a process, file or anything else.

Secondly, we can easily prioritize using the app if something goes wrong within the network. If there are multiple alerts, the app will automatically create and rate an event instead of going through each one. We get a simple view where I can easily see the exact child and parent processes, all summarized at each level with a simple click. From there, I can isolate the device and work on remediation. Using that, I will search for this file throughout the network and delete it. I can block or delete the network or block a particular end system.

Additionally, they do not have interactive remote shells when accessing remote shares. While I can access files and directories, competitors often provide a command prompt.

AS
Cybersecurity Services Director at ITVikings

The product gives full visibility and control of the endpoints in the environment. The users and the employees can protect their systems by investigating files for incidents.

AA
EMEA IT Infrastructure Manager at a consumer goods company with 5,001-10,000 employees

This product has not improved my organization - in fact, we are in the process of moving back to another product as a result of Cortex's horrible impact on system performance.

MC
Network Manager of Cyber Defence at a government with 1,001-5,000 employees

Many people here are surfing the web on Russian sites, Korean sites, Chinese sites, etc., and by definition, they download things that are not very nice. Whenever there was something fishy, most of the anti-virus solutions just wouldn't see it. We needed endpoint protection that would detect as soon as some code started doing funny things. Traps was very good at that.

MK
Head of Network and Communication Department at a program development consultancy with 10,001+ employees

No signature updates of the AV needed, so no old signatures. No patching, very little operational effort needed.

JN
Manager of InfoSec at Joann Fabrics

Traps has drastically reduced our endpoint attack surface via advanced detection capabilities, sandboxing of never before seen programs, and by drastically limiting where executables can launch in the first place. We have not had any malware successfully execute on an endpoint since deploying Traps.

MJ
Senior Security Consultant at a tech services company with 201-500 employees

The product is mostly automated, and we do not have to make decisions. All the decisions are made by the product itself. 

We are not required to create any custom policies. 

The policies that are created are well defined in the product itself.

CB
Senior System Administrator at a government with 10,001+ employees

The product is very good; it has caught a lot of exploits that most products would not. The WildFire module is a great AI in detecting and preventing attacks. The only issues that we have are: one, the cost; two, the dashboard is not very intuitive. Even though you can drill down within the dashboard, we usually have to gather information from other sources to determine locations and whether it's a false positive.
