Try our new research platform with insights from 80,000+ expert users

BlackBerry Cylance Cybersecurity vs Cortex XDR by Palo Alto Networks comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Jul 27, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

BlackBerry Cylance Cybersec...
Ranking in Endpoint Protection Platform (EPP)
30th
Average Rating
8.0
Reviews Sentiment
4.6
Number of Reviews
44
Ranking in other categories
No ranking in other categories
Cortex XDR by Palo Alto Net...
Ranking in Endpoint Protection Platform (EPP)
5th
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
92
Ranking in other categories
Endpoint Detection and Response (EDR) (9th), Extended Detection and Response (XDR) (7th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (4th)
 

Mindshare comparison

As of October 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of BlackBerry Cylance Cybersecurity is 1.1%, down from 1.3% compared to the previous year. The mindshare of Cortex XDR by Palo Alto Networks is 3.7%, down from 4.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Market Share Distribution
ProductMarket Share (%)
Cortex XDR by Palo Alto Networks3.7%
BlackBerry Cylance Cybersecurity1.1%
Other95.2%
Endpoint Protection Platform (EPP)
 

Featured Reviews

Sooraj Makkancherrry - PeerSpot reviewer
Doesn't have daily updates, which is important for healthcare IT
I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we contact support, they tell us to update the latest agent, but we can't do that immediately due to medical device protocols and validation testing. I wish support would try to understand our issues better instead of giving this standard response. The machine learning feature they use often tells us to upgrade the agent or add things to the exclusion list, which isn't unacceptable. It's a very good and new technology as a tool and antivirus. But sometimes, it doesn't work properly with our medical devices and products, quarantining files it shouldn't even after we add them to exclusions. This is tricky for us.
HectorRios - PeerSpot reviewer
Has detected high-risk threats effectively and provides strong behavioral protection
They did well with handling high-risk threats. I would rate Palo Alto support an eight or nine. I would give them an eight because in the majority of cases, we talk with local partners, and only in case of an emergency or a difficult issue, we jump to Palo Alto support. When we had that experience with Palo Alto support, it was nice service, but it was really difficult to get it. To jump from the partner to Palo Alto directly was challenging. I understand that it's part of the service, as the local partner just jumps up to Palo Alto support in case they need it. In some cases, when we faced an important issue, it was preferred to jump directly to Palo Alto to save time.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution’s AI is its most valuable feature."
"It is a good endpoint solution. It is very easy to manage and detect the threat immediately. It will take the necessary actions."
"What's most valuable in CylancePROTECT is the optics feature. I also like its easy-to-use and user-friendly dashboard and monitoring system."
"The non-daily requirement to update signatures is the most valuable feature. From a functional point of view, it is pretty spot on. For instance, we compared an algorithm from five years ago to today's algorithm, and it was 98% accurate. It has the ability to detect and mitigate. In the industrial environment that we work in, there's what we call OT versus IT. You are IT Central, but this is OT. Generally, we don't have the same level of skillset as IT individuals or IT professionals have. This particular product doesn't require you to be a computer scientist to be able to understand its proprietary algorithm and to be able to deploy, use, and work within it. It integrates well with a robust SIEM or SOAR solution, and it plays nice with others. We use other detection solutions like CyberX or site provision with Cisco, and it plays nice. That's one of the things we really liked about it."
"The most valuable features are script blocking and macros within Word documents for stopping unwanted applications from running in the background."
"I like the AI and mathematical components that they use."
"It handles situations that the other threat management tools wouldn't find. It has worked well covering the weaker sides of the other products that we're integrating."
"The most valuable features of CylancePROTECT are its powerful machine-learning capabilities and predictive intelligence."
"They have a new GUI which is just fantastic."
"Cortex XDR features advanced threat detection capabilities."
"The solution doesn't need a high level of technical training."
"Since they've done their most recent update, the ease to isolate endpoints is valuable. If we find one where there is a virus on it, we can easily isolate it. We don't even have to contact the user. We don't have to manually take them off the network. We can easily isolate them."
"It collects and caches and the knowledge of machine learning from different customers to take to the cloud. It makes it better to use for everybody. It allows for quick learning and updates and can, therefore, offer zero-day malware security. This sharing of metadata helps make the solution very safe."
"It blocks malicious files. It prevents attacks. It doesn't require many updates, it's a very light application."
"Has great threat detection capabilities."
"Cortex XDR lets us manage several clients from the same console, and its endpoint defense is more advanced than traditional antivirus."
 

Cons

"It's a good solution but some features just need to be updated."
"Additionally, their channel management has been lacking, with a notable disregard for small and medium-sized businesses, focusing primarily on large enterprises and very large MSPs."
"The stability could be improved."
"It could have integration with industrial base HMIS or Human Machine Interfaces Solutions. This is the industrial environment where you have a control center for all the automation that's happening, whether it is oil, gas, or chemical manufacturing. They often have to set up a computer at the back and watch the other stuff to get alerts. In these autonomous or on-premises environments, they often don't have access to email readily. Integration with other industrial solutions, such as HMIS, will allow them to communicate and get an alert that something has been found. This way, they can react to it sooner than having somebody watch the screen and keep checking the screen. Rockwell has its own suite. Similarly, Honeywell has its own suite. There's also an independent HMI/historian solution provider out there called VTSCADA. We actually get asked if we can get it to show up on a screen, which is difficult. Getting those alerts to work within an industrial environment would be a huge plus."
"If they can add more features on top of their Persona feature that would be ideal."
"The process of whitelisting a script that you want to be able to run can be a little bit difficult, or awkward."
"Reporting is an area with shortcomings in CylancePROTECT that needs to be improved."
"The OPTICS component could be made more user-friendly with respect to giving people more information."
"It tends to do 99.9% of things. The only thing I'd like is single sign-on authentication into their cloud platform so that my users can be properly authenticated against it."
"In general, the price could be more competitive."
"The server sometimes stops continuously to check things so it would be helpful to receive access updates or technical reasons."
"The solution can never really be an on-premises solution based simply on the way it is set up. It needs metadata to run and improve. Having an on-premises solution would cut it off from making improvements."
"The solution could improve by providing better integration with their own products and others."
"I would like to see them include NDR (Network Detection Response)."
"It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc."
"To jump from the partner to Palo Alto directly was challenging."
 

Pricing and Cost Advice

"The solution provides me with competitive pricing."
"Review closely how many endpoints you actually need before buying into a pricing level. Deal and deal with the VAR of your choice."
"The tool is not that expensive."
"It's not so heavily priced; rather, it's average and decent."
"We pay our license on a yearly basis and have just renewed for two years."
"On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a seven out of ten."
"My company is on a yearly CylancePROTECT subscription. Price-wise, the solution is slightly expensive, so I'd rate it as eight out of ten."
"CylancePROTECT's pricing is reasonable, at about €18 per user, per year."
"It's about $55 per license on a yearly basis."
"I feel it is fairly priced."
"The price is on the higher side, but it's okay."
"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
"The price of the solution could be reduced. I have customers that have voiced that the solution is good for the value but if I want to sell more of the solution the price reduction would help."
"I don't recall what the cost was, but it wasn't really that expensive."
"I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."
"It is cost-effective compared to similar solutions. It fits for the small businesses through to the big businesses."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
869,771 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Manufacturing Company
10%
Government
7%
Comms Service Provider
6%
Computer Software Company
13%
Financial Services Firm
10%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business33
Midsize Enterprise5
Large Enterprise13
By reviewers
Company SizeCount
Small Business41
Midsize Enterprise18
Large Enterprise36
 

Questions from the Community

What do you like most about Blackberry Protect?
It is a good endpoint solution. It is very easy to manage and detect the threat immediately. It will take the necessary actions.
What is your experience regarding pricing and costs for Blackberry Protect?
The price is reasonable for us at the moment. I rate the overall solution an eight out of ten.
What needs improvement with Blackberry Protect?
I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we contact support, they tell us to update the latest agent, but we can't do that immedi...
Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
 

Also Known As

Blackberry Protect
Cyvera, Cortex XDR, Palo Alto Networks Traps
 

Overview

 

Sample Customers

Panasonic, Noble Energy, Apria Healthcare Group Inc., Charles River Laboratories, Rovi Corporation, Toyota, Kiewit
CBI Health Group, University Honda, VakifBank
Find out what your peers are saying about BlackBerry Cylance Cybersecurity vs. Cortex XDR by Palo Alto Networks and other solutions. Updated: September 2025.
869,771 professionals have used our research since 2012.