Try our new research platform with insights from 80,000+ expert users

BlackBerry Cylance Cybersecurity vs Cortex XDR by Palo Alto Networks comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jul 27, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

BlackBerry Cylance Cybersec...
Ranking in Endpoint Protection Platform (EPP)
30th
Average Rating
8.0
Reviews Sentiment
4.6
Number of Reviews
44
Ranking in other categories
No ranking in other categories
Cortex XDR by Palo Alto Net...
Ranking in Endpoint Protection Platform (EPP)
5th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
92
Ranking in other categories
Endpoint Detection and Response (EDR) (9th), Extended Detection and Response (XDR) (7th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (4th)
 

Mindshare comparison

As of October 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of BlackBerry Cylance Cybersecurity is 1.1%, down from 1.3% compared to the previous year. The mindshare of Cortex XDR by Palo Alto Networks is 3.7%, down from 4.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Market Share Distribution
ProductMarket Share (%)
Cortex XDR by Palo Alto Networks3.7%
BlackBerry Cylance Cybersecurity1.1%
Other95.2%
Endpoint Protection Platform (EPP)
 

Featured Reviews

Sooraj Makkancherrry - PeerSpot reviewer
Doesn't have daily updates, which is important for healthcare IT
I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we contact support, they tell us to update the latest agent, but we can't do that immediately due to medical device protocols and validation testing. I wish support would try to understand our issues better instead of giving this standard response. The machine learning feature they use often tells us to upgrade the agent or add things to the exclusion list, which isn't unacceptable. It's a very good and new technology as a tool and antivirus. But sometimes, it doesn't work properly with our medical devices and products, quarantining files it shouldn't even after we add them to exclusions. This is tricky for us.
NiteshSharma - PeerSpot reviewer
Automated threat response and behavioral control improve security measures
I recommend adding a data loss prevention (DLP) solution to Cortex XDR by Palo Alto Networks. The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products. Additionally, multi-tenancy and multi-cloud features are not available and should be considered for inclusion.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The deployment of updates is easy."
"It provides good insight into the programs, applications, or websites that may need attention."
"It actively monitors the behavior and activity of processes and will, without hesitation, terminate at root anything it determines to be suspect."
"The solution is stable."
"It is a good endpoint solution. It is very easy to manage and detect the threat immediately. It will take the necessary actions."
"The solution is extremely scalable. It's got the hybrid functionality, it's got the system functionality and cloud functionality as well."
"The Application Guard and ByteGuard are useful features."
"The solution’s AI is its most valuable feature."
"Cortex XDR features advanced threat detection capabilities."
"The live terminal is probably the best thing ever. It gives you the access to get straight onto any machine."
"The user interface of the solution is sophisticated and straightforward."
"It's very stable. I've never experienced downtime for the ASM console or ASM core."
"The one feature of Palo Alto Networks Traps that our organization finds most valuable is the App ID service."
"I like the centralized console and the predictive analysis it does of malware. It is very stable and also scalable."
"On a scale from one to ten, I would rate Cortex XDR by Palo Alto Networks a nine."
"The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly. The way they have done everything and integrated all the solutions that they've purchased over the years to make it a very seamless, effective product is very good. One thing about Palo Alto is that they take the products or services that they purchase and make them seamless for the end user as compared to some companies that purchase other companies and then just kind of have their products off to the side or keep different interfaces. Palo Alto doesn't do that."
 

Cons

"The management console needs a little maturity in how it presents data and allows the administrator to drill down or search across systems."
"The company that sells us the licenses sometimes doesn't know how to do certain things."
"I would like to see them fix the alerting system so that the endpoint reporting is a bit more streamlined."
"It could have integration with industrial base HMIS or Human Machine Interfaces Solutions. This is the industrial environment where you have a control center for all the automation that's happening, whether it is oil, gas, or chemical manufacturing. They often have to set up a computer at the back and watch the other stuff to get alerts. In these autonomous or on-premises environments, they often don't have access to email readily. Integration with other industrial solutions, such as HMIS, will allow them to communicate and get an alert that something has been found. This way, they can react to it sooner than having somebody watch the screen and keep checking the screen. Rockwell has its own suite. Similarly, Honeywell has its own suite. There's also an independent HMI/historian solution provider out there called VTSCADA. We actually get asked if we can get it to show up on a screen, which is difficult. Getting those alerts to work within an industrial environment would be a huge plus."
"The AI of CylancePROTECT has room for improvement. I'm on a trial license of SentinelOne, and its AI is much better than what's on CylancePROTECT."
"The product must make the interface a little more user-friendly."
"Having worked with SentinelOne, Cylance is good, however, it probably needs to add a feature similar to SentinelOne's rollback functionality. With this feature, if you get infected, with a click, you can go back to the pre-infection state. If Cylance could add this functionality to their offering as well, that would be ideal."
"It is hard to manage."
"The solution lacks real-time, on-demand antivirus."
"The installation should be easier and the Palo Alto pre-sales and sales teams should have more information on the product because they don't know what they are selling."
"Data privacy is a matter of concern. You have to be careful with data privacy, it can be sensitive and Cortex can have most of your access."
"There are a large number of false positives."
"It tends to do 99.9% of things. The only thing I'd like is single sign-on authentication into their cloud platform so that my users can be properly authenticated against it."
"Technology evolves every day, so it would be nice if it gets more secure. It can also have more integration with other platforms."
"Palo Alto Networks Cortex XDR does not detect malicious activity like in other anti-virus solutions like Trend Micro and Windows with Cisco."
"Previously, the endpoint would leave the environment, not being on our VPN, essentially unable to interact with the server to upload files. It was unable to retrieve new file verdicts. It was using a thing called "local analysis" to determine if something was a malicious file or not. There was no dynamic analysis."
 

Pricing and Cost Advice

"I think that the price we are paying is good for what it is."
"We went through a third party initially to do the renewal, but we won't be renewing, we will move on to something else."
"The solution provides me with competitive pricing."
"The monthly fee is $55 USD per user."
"CylancePROTECT is an affordable solution."
"CylancePROTECT's pricing is reasonable, at about €18 per user, per year."
"The product cost is about $5, per user, per month."
"Our licensing cost for the solution is around $4,000 for six months. There are no costs in addition to the standard licensing fees."
"Licensing for Palo Alto Networks Cortex XDR can be costly, especially when it comes to a hundred users. A license is required for each user, and the subscription must be renewed on a yearly basis."
"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."
"I feel it is fairly priced."
"I don't recall what the cost was, but it wasn't really that expensive."
"This is an expensive solution."
"The price was fine."
"Our license will require renewal in August, after which the maintenance will continue as usual."
"Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
868,706 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Manufacturing Company
11%
Government
7%
Comms Service Provider
6%
Computer Software Company
13%
Financial Services Firm
10%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business33
Midsize Enterprise5
Large Enterprise13
By reviewers
Company SizeCount
Small Business41
Midsize Enterprise18
Large Enterprise36
 

Questions from the Community

What do you like most about Blackberry Protect?
It is a good endpoint solution. It is very easy to manage and detect the threat immediately. It will take the necessary actions.
What is your experience regarding pricing and costs for Blackberry Protect?
The price is reasonable for us at the moment. I rate the overall solution an eight out of ten.
What needs improvement with Blackberry Protect?
I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we contact support, they tell us to update the latest agent, but we can't do that immedi...
Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
 

Also Known As

Blackberry Protect
Cyvera, Cortex XDR, Palo Alto Networks Traps
 

Overview

 

Sample Customers

Panasonic, Noble Energy, Apria Healthcare Group Inc., Charles River Laboratories, Rovi Corporation, Toyota, Kiewit
CBI Health Group, University Honda, VakifBank
Find out what your peers are saying about BlackBerry Cylance Cybersecurity vs. Cortex XDR by Palo Alto Networks and other solutions. Updated: September 2025.
868,706 professionals have used our research since 2012.