No more typing reviews! Try our Samantha, our new voice AI agent.

BlackBerry Cylance Cybersecurity vs Tanium comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Protection Platform (EPP)
4th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Detection and Response (EDR) (6th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
BlackBerry Cylance Cybersec...
Ranking in Endpoint Protection Platform (EPP)
32nd
Average Rating
8.0
Reviews Sentiment
4.6
Number of Reviews
44
Ranking in other categories
No ranking in other categories
Tanium
Ranking in Endpoint Protection Platform (EPP)
15th
Average Rating
7.8
Reviews Sentiment
6.2
Number of Reviews
22
Ranking in other categories
Server Monitoring (3rd), Vulnerability Management (26th), Endpoint Detection and Response (EDR) (23rd), Unified Endpoint Management (UEM) (8th)
 

Mindshare comparison

As of July 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.8%, up from 3.7% compared to the previous year. The mindshare of BlackBerry Cylance Cybersecurity is 1.5%, up from 1.1% compared to the previous year. The mindshare of Tanium is 2.4%, down from 2.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.8%
Tanium2.4%
BlackBerry Cylance Cybersecurity1.5%
Other92.3%
Endpoint Protection Platform (EPP)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Sooraj Makkancherrry - PeerSpot reviewer
Security Operations Manager at Philips
Doesn't have daily updates, which is important for healthcare IT
I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we contact support, they tell us to update the latest agent, but we can't do that immediately due to medical device protocols and validation testing. I wish support would try to understand our issues better instead of giving this standard response. The machine learning feature they use often tells us to upgrade the agent or add things to the exclusion list, which isn't unacceptable. It's a very good and new technology as a tool and antivirus. But sometimes, it doesn't work properly with our medical devices and products, quarantining files it shouldn't even after we add them to exclusions. This is tricky for us.
MA
Division Manager, Information Technology at a legal firm with 51-200 employees
Centralized policies have improved remote endpoint control and have simplified data visibility
The integration is not simple and easy. It requires experienced users or people who have done the implementation. When certain policies are applied, they do not immediately push the policies. For example, we manage endpoint device USB access. We set a policy to block it, but it does not come into effect immediately. Sometimes it takes three or four days for it to reflect. That is a pain point. I have raised this issue with support as well, but they said that I need to limit the number of devices in the policy. In terms of application deployment, for us, it was seamless.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The solution allows control over the user and his machine through Cortex XDR security policies."
"The solution allows us to gain remote access without the user's knowledge and take the necessary actions on the device."
"If you are looking to deploy a security solution as a whole, this is a good option."
"The dashboard is customizable."
"One thing that I like about Cortex XDR by Palo Alto Networks, it is detecting all the suspicious or malicious binaries, and it has integration with Palo Alto Firewall."
"The product is mostly automated, and we do not have to make decisions, because all the decisions are made by the product itself and we are not required to create any custom policies since the policies that are created are well defined in the product itself."
"It is easy to use."
"Threat identification and detection are the most valuable features of this solution."
"This technology is very good, very stable, and we have great trust in it and what it delivers."
"The stability is perfect, and it is leaps and bounds beyond our previous solution by McAfee."
"The initial endpoint cost may seem a little high (~$55/device/year), but when you look at the total peace of mind that the solution of Cylance endpoint protection provides, with no reboots for updates, and negligible performance impact, it is well worth it."
"The most valuable features are script blocking and macros within Word documents for stopping unwanted applications from running in the background."
"The solution is pretty easy to scale."
"It works well and covers a good number of the bases you need covered for general cybersecurity and vulnerability management."
"CylancePROTECT works really well with the way we work."
"I like the AI and mathematical components that they use, and I like the pre-execution method of protection that prevents infection."
"It's definitely not complex, it is pretty user-friendly and it's a solid tool enterprise to use."
"Tanium is a very good product and I would rate it eight or nine out of ten."
"I would say Tanium is the best tool for vulnerability management."
"For incident response tasks, all these tasks can get done in minutes with minimal disruption to the end-user."
"Tanium's most valuable features are patch management, inventory, and distribution software."
"The product is granular and can build complex roles compared to other EDR vendors."
"The security features are very valuable."
"Tanium is used for endpoint management, specifically patching and configuration management."
 

Cons

"The connection to the internet has not performed as expected."
"The tool needs to be improved in terms of integration and interface."
"Cortex XDR by Palo Alto Networks could improve by adding a sandbox feature to better compete with their competitors which have it."
"Limited remote connection."
"The installation should be easier and the Palo Alto pre-sales and sales teams should have more information on the product because they don't know what they are selling."
"The server sometimes stops continuously to check things so it would be helpful to receive access updates or technical reasons."
"They are charging for Network Traffic Analyzer (NTA) services, so if the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better."
"Cortex XDR by Palo Alto Networks could improve by offering remote management. It would be useful to look at the client's issue to fix it."
"There are a lot of false positives and it takes up a lot of time."
"The AI of CylancePROTECT has room for improvement. I'm on a trial license of SentinelOne, and its AI is much better than what's on CylancePROTECT."
"​Work on the math model. We are catching a lot of false positives, which gets to be a pain at the start of a deployment."
"While you are working, you are finding these things that were supposed to be waived have come back to being blocked. That's frustrating."
"Technical support is bad. I am not happy with the level of support they offer."
"It just doesn't make you feel like you're getting covered or have the best protection, which you should have."
"The problem is, for me, sometimes it creeps into the computers and into the servers that we want to get running."
"The user interface could be improved, it's very outdated."
"Tanium's limitations should be improved because although it is a great tool, it is limited to only a few classes during a session."
"We had some issues with the solution's OS upgrade."
"Tanium required local admin or root rights on Mac devices, which did not comply with our security policies. This made the solution less suitable for our restrictive environment."
"The solution lacks mobility."
"The main issues are the network connection because different customers have issues with their networks. It's difficult implementing this type of solution because the network is the main feature in the architecture for these types of solutions. Tanium could improve by creating some network optimization."
"The most painful thing is the interface. It's a bit unclear sometimes."
"The problem or challenge is a pre-sales and go-to strategy for the SMB market delivered through a channel or model. It's very convoluted and vague, which leads to some confusion about the various types of modules, and the device-to-seat cost is extremely difficult to calculate."
"Most of the time, agent-relative issues have to be more equipped with self-healing features. At times, the agent is there, but for some reason, it doesn't report a status. It gives certain problems that are obviously agent-based."
 

Pricing and Cost Advice

"It is cost-effective compared to similar solutions. It fits for the small businesses through to the big businesses."
"It has a yearly renewal."
"Compared to CrowdStrike, Cortex XDR is an expensive solution."
"Our license will require renewal in August, after which the maintenance will continue as usual."
"I don't have any issues with the pricing. We are satisfied with the price."
"I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."
"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"Cortex XDR by Palo Alto Networks is quite an expensive solution."
"The license price for this solution could be better. It's on the expensive side."
"The price is reasonable for us at the moment. I rate the overall solution an eight out of ten."
"The product cost is about $5, per user, per month."
"​Shop around for sure and be assured the price you pay will be close to other solutions available, but even at a slight mark-up from the other solutions, you are getting real endpoint protection versus nothing more than a cheap security blanket that might keep you warm at night."
"We pay our license on a yearly basis and have just renewed for two years."
"CylancePROTECT's pricing is reasonable, at about €18 per user, per year."
"On a scale from one to ten, where one is cheap and ten is expensive, I rate the solution's pricing a seven out of ten."
"My company is on a yearly CylancePROTECT subscription. Price-wise, the solution is slightly expensive, so I'd rate it as eight out of ten."
"It's an expensive solution. It would be nice if the cost were lower."
"The product's pricing differs from region to region depending on negotiations and the number of endpoints."
"It is higher than some competitors in the market."
"Tanium is a more expensive solution in Latin America than some of the competitors, such as BigFix."
"The solution offers value for money."
"There is an annual license required to use this solution."
"The solution is expensive but it's a good investment."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Construction Company
11%
Financial Services Firm
7%
Manufacturing Company
7%
Computer Software Company
7%
Financial Services Firm
14%
Government
10%
Manufacturing Company
9%
Healthcare Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business33
Midsize Enterprise5
Large Enterprise14
By reviewers
Company SizeCount
Small Business8
Midsize Enterprise3
Large Enterprise12
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for Blackberry Protect?
The price is reasonable for us at the moment. I rate the overall solution an eight out of ten.
What needs improvement with Blackberry Protect?
I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we conta...
What is your primary use case for Blackberry Protect?
I am using CylancePROTECT as an active learning algorithm. We installed it on almost 20,000 servers and virtual machi...
What needs improvement with Tanium?
While there is always room for improvement, I am pleased with Tanium.
What is your primary use case for Tanium?
The primary use case for Tanium ( /products/tanium-reviews ) is compliance, patching, and inventory as part of the co...
What advice do you have for others considering Tanium?
For smaller companies, Tanium is quite a big investment, and one needs to have a considerable setup to make it econom...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Blackberry Protect
Tanium Inc Cloud, Tanium XEM
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Panasonic, Noble Energy, Apria Healthcare Group Inc., Charles River Laboratories, Rovi Corporation, Toyota, Kiewit
JPMorgan Chase, eBay, Amazon, US Bank, MetLife, pwc, Cerner, Delphi, MGM Grand, New York Life
Find out what your peers are saying about BlackBerry Cylance Cybersecurity vs. Tanium and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.