No more typing reviews! Try our Samantha, our new voice AI agent.

CompassOne by Blackpoint Cyber vs Red Canary comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Jun 3, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
CompassOne by Blackpoint Cyber
Ranking in Endpoint Detection and Response (EDR)
39th
Average Rating
9.0
Reviews Sentiment
7.8
Number of Reviews
5
Ranking in other categories
Security Information and Event Management (SIEM) (37th), Vulnerability Management (47th), Application Control (10th), Managed Detection and Response (MDR) (11th), Identity Threat Detection and Response (ITDR) (14th)
Red Canary
Ranking in Endpoint Detection and Response (EDR)
37th
Average Rating
9.0
Reviews Sentiment
7.7
Number of Reviews
7
Ranking in other categories
Advanced Threat Protection (ATP) (24th), Managed Detection and Response (MDR) (12th), Risk-Based Vulnerability Management (16th)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Gary Herbstman - PeerSpot reviewer
Owner at Byte Solutions Inc.
Experienced reduced alert fatigue with streamlined notifications
We use Blackpoint Cyber MDR for our higher-end clients who need a higher level of control over security I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real. This feature ensures that I am notified only…
JH
Head of Information Security and Privacy at Ovative Group
Gained trusted 24/7 threat coverage and now focus security efforts on architecture and design
In my experience, the best features Red Canary offers are their team, their monitoring team, their expertise at incident investigation, and a focus on suspicious or actual indicators of compromise to ensure that we're not spending time just reviewing logs, but that we're actually looking at things that may indicate we have broader issues. The Red Canary team's expertise stands out compared to others I've worked with because their team is organized into smaller pods that support a given number of clients, so they're not just a bevy of operators going around the clock. The teams themselves have coordination and cohesion, and they get to know us. Their integrations into the different platforms and systems that we use all line up with our needs, whereas a number of other platforms offered a different variety of integrations that did not line up with our requirements. Red Canary has positively impacted my organization because I don't have to spend and hire resources to look at logs, which has enabled us to do much more in terms of improving security across the organization. With the freed-up resources, we've been able to implement CSPM, SAST, software testing tooling, and engage much more closely with our developers and engineers to focus on secure architecture and design.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"WildFire AI is the best option for this product."
"It is an easy-to-use tool."
"I like that the product has behavior-based detection which offers many benefits over signature-based detection."
"We have found in our test Cortex XDR by Palo Alto Networks to be a very good tool."
"Cortex XDR by Palo Alto Networks has helped lighten the load of our security analysts because it was the major tool that we were using and the one we utilized most."
"Cortex XDR alerts us on the dashboard when there's a threat, which allows us to restrict that user and helps secure our infrastructure."
"If you are looking for security, mainly for advanced threat prevention from ransomware and malware attacks, I would recommend Cortex."
"Cortex XDR by Palo Alto Networks saves time in various ways, although the user interface is fairly standard."
"I appreciate that there are people behind the scenes sorting out valuable alerts from those that are not, so I only get alerts when they are real."
"The solution also watches over Microsoft 365 and keeps a copy of logs."
"The solution is all encompassing and can incorporate email monitoring."
"Their SOC is phenomenal in not monitoring and responding and taking action."
"On my end, the most valuable feature of this solution is that I can install it and forget about it. After that, their SOC team takes over and they only call me when there's a problem."
"On a scale from one to ten, I would rate the overall solution as a ten."
"Red Canary has impacted my organization positively because we treat any ticket triggered by them as high priority due to the fact that 99 percent of the time it is a true positive."
"I am satisfied with this solution and it is very competitive with other similar EDR or MDR solutions because it provides very impressive information about the root cause of the threat, such as malware."
"The solution works well for what we use it for and the support and protection are good."
"I recommended Red Canary to my friends who work in other organizations."
"The near real-time review translates into near real-time action. So, in addition to alerting, Red Canary MDR has response playbooks built out."
"The most valuable feature of the solution is its automation part."
"The valuable features of this solution are it integrates well with different EDR software, such CrowdStrike, and Carbon Black, and the information it provides is helpful."
"Red Canary has positively impacted my organization because I don't have to spend and hire resources to look at logs, which has enabled us to do much more in terms of improving security across the organization."
 

Cons

"The setup is quite easy. We had appropriate support from the manager. One thing that was missing was the integration part."
"The encryption is not up to the mark."
"It automatically detects security issues. It should be able to protect our network devices while operating autonomously."
"The product's pricing needs improvement. They could provide more discounts. Additionally, the dashboard and control panel could be enhanced."
"The negative aspect I see is the economic model used by Palo Alto."
"There are some false positives."
"I would like to see improvement in the tool's user interface, particularly in the area of managing alerts and providing more reporting capabilities."
"I have faced some issues with Cortex XDR by Palo Alto Networks; there is room for improvement in the sense that certain options prevent us from seeing and segregating data."
"The interface could be more intuitive. More transparency is needed in the interface as a lot of details are hidden behind the scenes, making them difficult or impossible to access."
"The solution does not tie into other EDR products like CyberArk or CrowdStrike but that might be more useful."
"The interface could be more intuitive."
"While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a beneficial improvement."
"The feature we keep asking for is a vulnerability scan."
"Some texts seem to report items as normal too quickly."
"Red Canary can be improved by continuing to add new features and capabilities to what they are looking at, including the types of data they're looking at and the types of systems that they're integrating with."
"Red Canary's pricing spectrum may not be ideal for smaller financial institutions."
"In general, the solution currently fails to provide a summary to its users."
"The most valuable feature of Red Canary MDR is the overall threat protection it provides."
"The price could always be better."
"I would like there to be an on-premise version of this solution for our data centers because of the proliferation of online threats."
"I wish Red Canary could have a graph that shows the endpoint, user, and how it spreads, providing a visual representation to easily identify what happened."
 

Pricing and Cost Advice

"We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."
"It's about $55 per license on a yearly basis."
"Cortex XDR by Palo Alto Networks is quite an expensive solution."
"The tool's price is moderate."
"Compared to CrowdStrike, Cortex XDR is an expensive solution."
"The price of the product is not very economical."
"The pricing is a little high. It is per user per year."
"It's the most expensive solution, but features-wise, it's quite strong. It's very good for protection, so the results are very good in the case of protection. I would rate it a two out of ten in terms of pricing."
"The pricing is in line with other products."
"The pricing is reasonable."
"I have not compared Red Canary to other solutions to know if the price is high or low. However, I have found the price of this solution fair and reasonable, it cost approximately $100 per year, per device. If they could provide the solution for $50 per year, per device, it would be better."
"The solution could vary in price depending on how many endpoints a company has."
"Red Canary MDR I use is an open-source tool."
report
Use our free recommendation engine to learn which Managed Detection and Response (MDR) solutions are best for your needs.
904,899 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Computer Software Company
10%
Financial Services Firm
9%
Outsourcing Company
8%
Healthcare Company
7%
Financial Services Firm
10%
Manufacturing Company
8%
Construction Company
8%
Computer Software Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
No data available
By reviewers
Company SizeCount
Small Business6
Large Enterprise2
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What needs improvement with Blackpoint Cyber MDR?
While I am very satisfied with the service, supporting additional platforms, particularly Linux support, would be a b...
What is your primary use case for Blackpoint Cyber MDR?
The solution serves as a baseline security offering. We have implemented it for every client that we do business with.
What needs improvement with Red Canary MDR?
I wish Red Canary could have a graph that shows the endpoint, user, and how it spreads, providing a visual representa...
What is your primary use case for Red Canary MDR?
My main use case for Red Canary is that a Red Canary analyst monitors our logs, and if they see any abnormality, they...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Blackpoint Cyber Managed Detection + Response, Blackpoint Cyber Managed Detection and Response
Red Canary Managed Detection and Response (MDR)
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
CoreRecon, Peerless Tech Solutions, Lorien Health
DuPont, Quanta Services, Microchip Technology, Hopkins Public Schools, Henny Penny, Schumacher Homes
Find out what your peers are saying about CompassOne by Blackpoint Cyber vs. Red Canary and other solutions. Updated: June 2026.
904,899 professionals have used our research since 2012.