We compared Cortex XDR by Palo Alto Networks and Darktrace based on our users’ reviews in four categories. After reading the collected data, you can find our conclusion below.
Comparison of Results: Based on the parameters we compared, Cortex XDR by Palo Alto Networks seems to be the superior solution. Our reviewers feel that because Darktrace is lacking where security is concerned, Cortex XDR is a better investment.
"Forensics is a valuable feature of Fortinet FortiEDR."
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The product's initial setup phase is very easy."
"We have FortiEDR installed on all our systems. This protects them from any threats."
"he solution is an anti-malware product that integrates well with other vendor products such as firewalls, SIEM, etc. It captures threat intelligence and gives you better visibility. The product also has sandboxing features."
"Fortinet is very user-friendly for customers."
"Fortinet FortiEDR's firewalling, rule creation, monitoring, and inspection profiles are great."
"Ability to get forensics details and also memory exfiltration."
"The solution doesn't need a high level of technical training."
"The solution allows us to make investigations. Other XDR solutions also provide similar capabilities but for investigation, Cortex XDR is better."
"The solution's most valuable feature is its ability to rapidly detect certain hardware files."
"This software helps us understand any issues that may arise when someone is not at work."
"It is easy to use."
"It integrates well into the environment."
"The most valuable feature of Cortex XDR by Palo Alto Networks is the low consumption of system resources. The solution uses a lot of AI and machine learning."
"They have a new GUI which is just fantastic."
"It provides a comprehensive, detailed view of network activity and whatever is happening inside it."
"We liked their approach to identifying intrusions or network anomalies using AI."
"The platform has many modules, and each module examines a different situation in the behavior."
"The most valuable features of Darktrace are the tracing of unusual external emails and monitoring the local network."
"The main valuable feature is that we don't need a lot of analysts. With few analysts, we have all the network monitored, 24/7."
"Provides great network protection."
"It is very easy to work with Darktrace once you know how it works and the type of permissions that you need to get related to the security over a network. The interface is awesome. I'm sure that you have seen Ironman, and you know Jarvis, the computer of Tony Stark. The interface of Darktrace is very similar, and you can see in 3D, like a hologram, the whole network, traffic, and all the traces inside the network. The interface is awesome, and it provides a lot of information. At least for us, it is very easy to handle this interface, get the reports, and do the interpretation of those reports. Darktrace also provides mobile monitoring. With an app on your mobile phone, you can view the information live, which is very useful for area directors and field engineers. Darktrace can be also correlated with any type of big data solution, such as Splunk."
"t was pretty as far as the granularity of what you were getting out of it."
"The solution is not stable."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"Detections could be improved."
"ZTNA can improve latency."
"We find the solution to be a bit expensive."
"We'd like to see more one-to-one product presentations for the distribution channels."
"Integration with Azure and SaaS provisioning tools could improve Fortinet FortiEDR."
"We've encountered challenges during API deployment, occasionally resulting in unstable environments."
"It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc."
"Cortex XDR should have a lightweight agent, and the agent size should not be heavy."
"We had a problem with getting our older endpoints up to date, but their newest updates have been really good. I've been pleased with it in terms of what our needs are. It's doing what we want it to do."
"It would be good to have a better way to search for a file within the UI."
"Cortex does not offer an on-premises solution. However, some customers would prefer not to be on the cloud. It would be ideal if it could offer something on-prem as well."
"The solution can never really be an on-premises solution based simply on the way it is set up. It needs metadata to run and improve. Having an on-premises solution would cut it off from making improvements."
"If they had pulse rate detection, it would be better."
"The server sometimes stops continuously to check things so it would be helpful to receive access updates or technical reasons."
"It could build in integrations for some complementary products, but it has an assistant plugin so this is not really a big deal."
"The module can improve so that every time it's more intelligent."
"Darktrace could improve its features, such as monitoring and detecting ransomware."
"This product needs more in terms of prevention. The detection capabilities work well but once a threat has been detected, Darktrace should work to prevent it from doing anything malicious."
"I would like for the product to work on the endpoints as well. I would like to see enhanced visibility into the endpoints and network but this solution only sits on the network itself."
"They just need to make it a little bit more accurate as far as their alerts are concerned. It does generate some false positives that you have to tune. You have to do a lot of tuning when you first get it because of the false positives, but once it is all tuned up and ready to go, it will do its thing from there."
"I would like to see a feature where the tool ingests information from an anti-malware product that is present at the endpoint."
"The program is quite expensive."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cortex XDR by Palo Alto Networks is ranked 4th in Endpoint Protection Platform (EPP) with 80 reviews while Darktrace is ranked 11th in Email Security with 65 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Darktrace is rated 8.2. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of Darktrace writes "Great autonomous support, offers an easy setup, and has responsive support". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Symantec Endpoint Security, Trellix Endpoint Security and Check Point Harmony Endpoint, whereas Darktrace is most compared with CrowdStrike Falcon, Vectra AI, SentinelOne Singularity Complete, Cisco Secure Network Analytics and ExtraHop Reveal(x).
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.