Some of my customers have McAfee, Symantec, or Kaspersky. Palo Alto can integrate with other vendors, so it's not locked to one single vendor. Other vendors like Trend Micro, Bitdefender, CrowdStrike, etc. have limitations on log collection from other places. On Palo Alto's datasheet, it tells you that it can talk to Check Point, Fortinet, etc. It's pretty awesome. I believe this is a huge advantage that allows us to implement Cortex anywhere. 

We were the victim of ransomware. Prior to that we were using an antivirus application from Sophos, which was not able to detect that ransomware engine which encrypted our servers and client machine. So, it was a disaster, and we started looking for another solution which could perform better and give us zero-day threat alerts. I researched which would be the better solution and came across Traps. We ran version 3.5 for a period of one month, where we tested it against malware, viruses, etc. The performance of the Traps has proven itself to work very well in detection.

We used to use Symantec. We have since stopped.

Symantec can easily be put on a USB device, and then they can check it all to scan within the computer. However, we tried to submit a case for a feature enhancement, and, after two or three years, they still do not have this feature enabled and available. 

I've worked with Carbon Black, which Cortex XDR beats hands down. The reason it beats it hands down is because of the ability to query. I couldn't do that with Carbon Black. For me, that was a genuine issue with Carbon Black. That was one of the main reasons why we've literally moved 22,000 devices off Carbon Black into Cortex XDR.

We also use Sophos, McAfee, and BitDefender. As a group, we buy multiple companies a year. So, we come across most of them.

If it is my own device, I would love to have Cortex, but I can't buy one license. I have to buy a minimum of 250 licenses. So, I normally go for something like BitDefender because it has the least amount of bloatware.

Previously, approximately one year ago, we used Kaspersky.

We are currently using both Kaspersky and Cortex XDR by Palo Alto Networks.

We were previously using Malwarebytes and McAfee. We are still using them along with Traps.

We are currently moving to SentinelOne.

We have previously used antivirus solutions. We decided to use Cortex XDR by Palo Alto Networks because of its flexibility.

We previously used Sophos, and it was okay. The only thing I liked about Sophos was that it was easier to deploy to the desktop, but with Cortex XDR, once you have it already deployed, updating it is easy.

We needed something that was going to work with Macs and Linux, different products. Also, we needed something that would be more predictive versus relying on definition files that are publicly available. You don't want to be in a zero-day attack. With Cortex XDR, it's one of those where you can download any virus. It's just not going to run on your machine. Most malware products rely on a database to tell you that there's a virus file.

Sometimes, there are false positives. If it's a legit file or application that an end user is trying to download and use on their machine, it won't allow that. With Cortex XDR, however, they can download the file. It's just going to be rendered useless until you enable it and make an exception for it. It can run what identifies it and just sends you a notification saying that it's a malicious file and that it's there. It's not going to do anything to the system. That was a huge selling factor with Cortex XDR.

We're service providers. We offer a variety of solutions to our clients, including Palo Alto, Cisco, Microsoft, and McAfee, depending on their needs. We don't just use or recommend one particular endpoint protection product.

About a year back I implemented Cisco and Palo Alto for our customer. Cisco AMP is also a good solution while it is running with the grid, however, I have not been involved with using it for three years.

In routing and switching, Cisco is good. However, Cisco AMP, which is an endpoint security, requires you to work with many other AMP solutions from Cisco. 

My first preference would be Palo Alto and my second preference would be Cisco AMP.

I am currently using QRadar in more than one enterprise, as well as Cynet, and Darktrace. We also use all of the Microsoft platforms with QRadar.

I have a team working on this solution. So I assisted a customer in deploying and implementing this solution. My colleague and I have formed a team. I am a SOC manager, my new role is that of a SOC manager. I don't use it directly, but I try to assist my colleague in working with more enterprises or customers. We have, I believe, five or six different IBM QRadar platforms.

We use several solutions and they are all good, but each one is different.

Cynet is a good platform, but helpful for my team because it is not simple to understand.

We previously used CrowdStrike Falcon X.

Cortex XDR by Palo Alto Networks is easier to understand and use compared to CrowdStrike Falcon X endpoint. The dashboard and interface of CrowdStrike Falcon X can be cluttered, making it difficult for some users to understand where to begin when it comes to incident response or threat hunting. In contrast, Cortex XDR by Palo Alto Networks is simple to navigate and understand.

If they want to do a POC, they can look for other market trenders that are there like Trend Micro. They also have their XDR solution. FireEye also has its XDR solution. They should do a comparison on what is based on their requirement. Based on their requirement, they should select the vendor. We saw that there were quite a few ransomware attacks that were not detected by traditional antivirus, so we moved to the Palo Alto solution. Likewise, the companies who want to implement EDR solutions, have to look at the problem statement. Based on their problem statement, they should work and find out a feasible solution.

We use the Kaspersky protection solution. Kaspersky works based on blacklists, if you are on the blacklist it is working well but if you are not Kaspersky does not work.

We used to have Check Point. We switched because there were a lot of added features with Palo Alto that Check Point didn't have. It was an upgrade for us.

Our older solution was from Fortinet. It was out of date and more difficult to use. The IT staff say that the Palo Alto product is better.

We were previously using Sophos for antivirus, and are still using Sophos for antivirus, but we're using Traps to augment it.

I also worked a little bit with SentinelOne. Cortex XDR is very similar to the SentinelOne solution from the features point of view. It's a little bit different technology, but both solutions are very capable.

Previously, I used McAfee Antivirus, Memory utilization very high which doesn't yet have virtualization or a dashboard. I found that product to be a little difficult, and it was not linked to a real solution, so I decided to go with Cortex XDR as it's one of the best XDR solutions for security.

In terms of Security, we are working with a few products and a few brands.

We use Palo Alto and we also work with Barracuda. These solutions are used on the web firewall and for email protection.

We work with the entire Barracuda product line, but specifically for email protection and web filtering.

Barracuda Essentials is included with O365 protections, we work with those solutions. 

Palo Alto is part of a different vertical layer than Barracuda. It's distinct. They are very different.

We have been exploring a similar solution. Right now I am also doing testing on Sentinel at the center. This is a similar solution. But we have only just begun testing Sentinel, so we do not really have enough experience with it to comment on the product.  

We previously used McAfee vs Palo Alto. McAfee is a traditional antivirus. It provided little to no value. We didn't see it stop anything. It wasn't blocking anything. The management was difficult to use because of the virus definitions, where you had to sync every endpoint each day with these updates.

Since we were a Fortinet shop, we previously used the FortiClient endpoint agent. We switched to Palo alto FWs and endpoint protection because it is a more mature product with advanced next-gen capabilities not available from the Fortinet solution.

At one time, I tried Cylance, and it just wasn't that effective for what we needed. At the time, it wasn't really an EDR solution.

I also use Sophos Intercept X.

Before Traps we had no endpoint protection.

We are using Symantec now. We were thinking of purchasing Palo Alto but because the EDR part was not there at the time, we went with Symantec which has the EDR solution. EDR is essential for our project. I think it has been announced that EDR is part of Traps now.

Yes. We switched because the footprint was heavy, the protection rate decreases and the operational costs (incidence response) were high.

We previously used McAfee, but we switched because of our customer. We checked Gartner's to learn about each vendor and solution and consulted with the customer about the features they needed. 

We were previously using McAfee and we switched to this solution because they failed to provide us proper protection.

We used McAfee previously. We switched because the solution is pretty automated. You don't have to manually decide on the policy.

I've also used McAfee MVISION Endpoint. 

I'm testing them both and finding the advantages and disadvantages between them.

We have used Cylance in the past, although we stopped using it about three years ago.

We are currently using K7 Endpoint Protection. Unfortunately, it is not catching anything, whether it is malware or a virus.