We performed a comparison between Cortex XDR by Palo Alto Networks and Cybereason XDR based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."A crucial aspect for our team is the inclusion of identity and access management tools from the vendor."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"The portal is quite user-friendly. There is integration with Office, Intune, and other products from the same portal. From there, we can see which policies are installed on a particular machine. We also can manage devices, groups, and tagging."
"The solution is well integrated with applications. It is easy to maintain and administer."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"Defender is easy to use. It has a nice console, and everything is all in one place."
"The product's most valuable features are massive user and feature intelligence exploit detection."
"Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful."
"Stability is one of the features we like the most."
"The most valuable feature is that you can select remote access of any machine for sandboxing."
"It integrates well into the environment."
"The stability of this product is very good."
"Its interface and pricing are most valuable. It is better than other vendors in terms of security."
"The anti-exploit is impenetrable. We chose Traps because it is the only product that we were not able to get anything past."
"Cybereason XDR's most useful feature is the investigation."
"The solution has an investigation feature, which is useful for building storylines."
"Stability could be improved by avoiding frequent changes to the interface."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"For some scenarios, it provides good visibility into threats, and for some scenarios, it doesn't. For example, sometimes the URLs within the emails have destinations, and you do get a screenshot and all further details, but it's not always the case. It would be good if they did a better job of enabling that for all the emails that they identified as malicious. When you get an email threat, you can go into the email and see more details, but the URL destination feature doesn't always show you a screenshot of the URL in that email. It also doesn't always give you the characteristics relating to that URL. It would be quite good if the information is complete where it says that we identified this URL, and this is what it looks like. There should be some threat intel about it. It should give you more details."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"Since all of our databases are updated and located in the cloud, I would like additional support for this."
"The advanced threat-hunting capabilities are phenomenal, and the security copilot enhances that, but some data elements could be better or have more context inside of the advanced tables themselves. The schemas feel a little limited to what they're building into the product. It's probably just a maturity thing. I imagine we'll see the features I want in the next year."
"In reporting they should have a customizable dashboard due to the fact that C-level people don't like reporting to the IT department. They prefer to have a real-time dashboard. That kind of dashboard needs to have various customizations."
"Data privacy is a matter of concern. You have to be careful with data privacy, it can be sensitive and Cortex can have most of your access."
"I would like to see some additional features related to email protection included."
"There are some third-party solutions that are difficult to integrate with, which is something that can be improved."
"Cortex XDR could be improved with more GUI features."
"It's not an ideal choice for smaller businesses, as you need a minimum of 200 endpoints to even use the solution at all."
"It'll help if customization was easier."
"They have the worst support, as a company, that I have ever worked with, as they are difficult to get a hold of and keep on the phone. They don't know what they are talking about when you get them on the phone. They don't like to respond to messages when you send them to them. They like to "research problems" for weeks on end, then pass you off to somebody else."
"The one thing we sometimes have issues with is its integration with other security applications like antiviruses."
"Cybereason's customer support could be better."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cortex XDR by Palo Alto Networks is ranked 4th in Extended Detection and Response (XDR) with 80 reviews while Cybereason XDR is ranked 18th in Extended Detection and Response (XDR) with 2 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Cybereason XDR is rated 8.6. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of Cybereason XDR writes "Provides effective incident response and investigation features". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Fortinet FortiEDR, whereas Cybereason XDR is most compared with Wazuh, Cynet and Trend Vision One. See our Cortex XDR by Palo Alto Networks vs. Cybereason XDR report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.