Cortex XDR by Palo Alto Networks and Cisco Secure Endpoint are two leading solutions in the endpoint protection market. Cisco Secure Endpoint seems to have the upper hand due to its feature richness and ease of deployment.
Features: Cortex XDR offers advanced threat detection, powerful analytics, and integration with other Palo Alto Networks products. Cisco Secure Endpoint includes endpoint visibility, comprehensive threat intelligence, and a robust suite of security features.
Room for Improvement: Cortex XDR needs to enhance its reporting capabilities, ease the initial setup complexity, and improve user interface design. Cisco Secure Endpoint requires performance optimization, reduction in false positives, and better offline protection.
Ease of Deployment and Customer Service: Cortex XDR is moderately challenging to deploy but benefits from strong customer service support. Cisco Secure Endpoint is recognized for its relatively straightforward deployment process and excellent customer service.
Pricing and ROI: Cortex XDR offers a reasonable return on investment despite higher upfront setup costs. Cisco Secure Endpoint users feel the pricing and ROI are well-aligned with the comprehensive services, providing better value for the investment in relation to its extensive features and ease of deployment.
They appreciate the rich telemetry data from the solution, as it provides in-depth threat identification.
Cortex XDR by Palo Alto Networks helps to reduce my total cost of ownership significantly.
I have seen a return on investment with Cortex XDR by Palo Alto Networks, as this product is offered at a minimal cost, and we can find a good ROI from it.
Cisco has good technical support, especially considering these are newer solutions compared to traditional routing and switching products.
The technical support from Palo Alto deserves a mark of ten because they reach out within an hour whenever assistance is needed.
There is no back and forth, and they know what we are asking for and come up with the best resolution for a solution.
If any of these services are missed, it becomes a problem in terms of support tickets, follow-up, or special configuration that needs to be done in the system.
Cisco Secure Endpoint is definitely scalable.
Cortex XDR by Palo Alto Networks can be expanded anytime by purchasing another license without any issues related to scalability.
I think scalability for Cortex XDR by Palo Alto Networks is good.
We have not encountered any problems.
Cortex remains fast and responsive, even with increasing data and alerts.
The thresholds we've seen on our firewall boxes at some instances reached 80% to 85%, but even at that level of utilization, we don't observe any latency or any issues reported with respect to accessing the application.
Cortex XDR is stable, offering high quality and reliable performance.
The forensic capabilities need enhancement, especially for deep forensic data collection.
Improving reporting and dashboard customization, along with the addition of real-time and exportable reports, would help SOC teams greatly.
The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products.
If the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better.
Cisco is aggressive in pricing, making it competitive and sometimes even cheaper than other good products like CrowdStrike, Microsoft Defender, or SentinelOne.
The pricing on SentinelOne is far more reasonable and cheaper than Cortex XDR by Palo Alto Networks.
I would say it is definitely not a cheap product, considering how mature it is and how scalable all Palo Alto products are together.
Cortex XDR is perceived as expensive by some customers, yet offers dynamic pricing.
Cisco Secure Endpoint is very good in machine learning, which allows it to secure offline contents even if not connected to the internet.
It incorporates AI for normal behavior detection, distinguishing unusual operations.
The product provides automation responses in case of a threat attack, severity assessments, centralized manageability, and comprehensive compliance features, resulting in reduced costs.
It includes machine learning to easily analyze data and detect complex threats across endpoints, networks, or clouds.
| Product | Market Share (%) |
|---|---|
| Cortex XDR by Palo Alto Networks | 3.4% |
| Cisco Secure Endpoint | 1.3% |
| Other | 95.3% |
| Company Size | Count |
|---|---|
| Small Business | 21 |
| Midsize Enterprise | 14 |
| Large Enterprise | 21 |
| Company Size | Count |
|---|---|
| Small Business | 43 |
| Midsize Enterprise | 20 |
| Large Enterprise | 45 |
Cisco Secure Endpoint is a comprehensive endpoint security solution that natively includes open and extensible extended detection and response (XDR) and advanced endpoint detection and response (EDR) capabilities. Secure Endpoint offers relentless breach protection that enables you to be confident, be bold, and be fearless with one of the industry’s most trusted endpoint security solutions. It protects your hybrid workforce, helps you stay resilient, and secures what’s next with simple, comprehensive endpoint security powered by unique insights from 300,000 security customers and deep visibility from the networking leader.
Cisco Secure Endpoint was formerly known as Cisco AMP for Endpoints.
Reviews from Real Users
Cisco Secure Endpoint stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to easily secure their endpoints with one single operation using its management console and its advanced alerting techniques.
Tim C., an IT manager at Van Der Meer Consulting, writes, "The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."
Wouter H., a technical team lead network & security at Missing Piece BV, notes, "Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."
Cortex XDR by Palo Alto Networks provides advanced threat detection with AI-driven endpoint protection and seamless integration, ensuring multi-layered security and automatic threat response.
Cortex XDR is designed to safeguard endpoints against malware and suspicious activities. It offers advanced threat detection and response capabilities using behavioral analysis, AI, and machine learning. It seamlessly integrates with security infrastructures, providing endpoint security, firewall integration, and enhanced visibility in both cloud-based and on-premises environments.
What are the key features of Cortex XDR?Organizations in diverse sectors deploy Cortex XDR to protect against malware, leveraging its advanced threat detection capabilities. Its integration with existing security infrastructures appeals to those seeking comprehensive protection in both cloud and on-premises environments, providing enhanced visibility and threat intelligence.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
