WPS Security Engineer at a tech services company with 201-500 employees
Real User
Top 5
2023-11-14T12:42:46Z
Nov 14, 2023
Initially, we found limitations in the XDR's detections, lacking the ability to create customized detection and log parsing rules. This functionality, available in the Cortex XDR platform, wasn't present then. While there might have been changes since then, during our usage, we couldn't easily import or send Syslog data to the platform and could not create custom parsing rules for data recognition and correlation rule alerts. The query builder's functionality could have been more robust, forcing us to create broader exclusions than desired, resulting in a visibility gap due to the inability to make more granular exclusions within the query builder.
Extended Detection and Response (XDR) solutions are designed to provide a more comprehensive and unified approach to threat detection, investigation, and response across diverse data sources.