Cisco Secure Endpoint vs Cortex XDR by Palo Alto Networks comparison


Comparison Buyer's Guide

Executive Summary

Categories and Ranking

Fortinet FortiEDR
Average Rating
Number of Reviews
Ranking in other categories
Endpoint Detection and Response (EDR) (12th)
Cisco Secure Endpoint
Average Rating
Number of Reviews
Ranking in other categories
Endpoint Protection Platform (EPP) (10th), Endpoint Detection and Response (EDR) (9th), Cisco Security Portfolio (7th)
Cortex XDR by Palo Alto Net...
Average Rating
Number of Reviews
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd)

Mindshare comparison

As of June 2024, in the Endpoint Protection Platform (EPP) category, the mindshare of Fortinet FortiEDR is 5.0%, up from 3.7% compared to the previous year. The mindshare of Cisco Secure Endpoint is 1.9%, down from 2.2% compared to the previous year. The mindshare of Cortex XDR by Palo Alto Networks is 4.9%, down from 5.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
Unique Categories:
Endpoint Detection and Response (EDR)
Cisco Security Portfolio
Extended Detection and Response (XDR)
Ransomware Protection

Featured Reviews

RafaelTorres - PeerSpot reviewer
Feb 20, 2024
Valuable for remote work security and enhances endpoint protection effectively
At my last job, we used FortiEDR to secure endpoints for 8,000 employees across MacBooks and Linux machines, ensuring the protection of backups and VPN connections. In 2020, we faced a significant challenge with remote work in Brazil, where BitLocker was utilized. FortiEDR proved invaluable as it…
Apr 9, 2023
Provides behavioral analytics and works on all types of devices and endpoints
Most of the customers don't even know that they are more secure. It's like they expect to be secure, but the moment we have a big threat from the outside, they will see and they will know that we are far faster and better able to protect them and react to threats from the outside. Cisco Secure has saved us time, especially the SecureX platform has helped us to automate certain processes and do analytics. That prevents us from taking each individual part of the logging. They have the intelligence in there to do the first check for us, and that saves a lot of time. There is a reduction in operating expenditures but not only from the Secure perspective. Our full stack is based on Cisco, so we leverage the full integration part of that. We have our compute, we have our networking, and we have our security, and that makes it easier because you have less interfaces with different products. From a technical perspective, I would rate it quite high for securing our infrastructure from end to end. From a behavioral perspective, in terms of the end customers leveraging it, there's still a little bit of work to do because we need to help the end customers to be more aware of what they're doing. On the endpoint for a user, they don't exactly see what is happening. From a visual perspective, you also want to have a feeling that you're safe or you get some tips or tricks to be safer, but for the most important part, which is the technical part, I would rate it very high. We really trust Cisco.
Mar 21, 2024
A stable XDR solution with file detection
The licensing model is complex to understand. It requires expertise to explain how the licensing works. You need expertise to guide you through the subscription plan. Everything is fine. However, if there are any security suggestions, they should be addressed promptly. For instance, configuring the tool and setting up email configurations are essential. Additionally, web filtering is crucial; if there are any high-risk URLs or logs, they should be filtered. Palo Alto Networks already has a robust database for this purpose, which they utilize in their perimeter-level devices by leveraging this database and integrating it into Cortex XDR, enhancing the security posture. Automatic security suggestions are also provided for individual devices, further enhancing security. Adding URLs and addressing the mentioned points are essential steps. They're aggregating all the logs from various devices.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:


"We have FortiEDR installed on all our systems. This protects them from any threats."
"Having all monitoring, response, tracking, and mitigation tools in one dashboard provides our analysts and SOC team with a comprehensive view at a glance."
"This is stable and scalable."
"It is very easy to set up. I would rate my experience with the initial setup a ten out of ten, with ten being very easy to set up."
"The ease of deployment and configuration is valuable. It's very easy compared to other vendors like Sophos. Sophos' configuration is complex. Fortinet is a lot easier to understand. You don't need a lot of admin knowledge to do the configuration."
"Impressive detection capabilities"
"It notifies us if there's any suspicious file on any PC. If any execution or similar kind of thing is happening, it just alerts us. It doesn't only alert. It also blocks the execution until we allow it. We check whether the execution is legitimate or not, and then approve it or keep it blocked. This gives us a little bit of control over this mechanism. Fortinet FortiEDR is also very straightforward and easy to maintain."
"The solution was relatively easy to deploy."
"The solution's integration capabilities are excellent. It's one of the best features."
"The biggest lesson that I have learned from using this product is that there is a lot more malware slipping through my email filters than I expected."
"The solution is easy to deploy and applies multi-factor authentication."
"The most valuable features of this solution are the IPS and the integration with ISE."
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."
"There are no issues or drops in the solution's performance...The solution's technical support was helpful."
"The most valuable feature is signature-based malware detection."
"For the initial first level of support, we provide it from our side. If there's escalation required, we use Cisco tech for the AMP. And again, they are perfect. I mean, one of the best, compared to any other vendors."
"They did what they said. This solution could apply to any scenario."
"Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful."
"Cortex XDR by Palo Alto Networks should be a stable solution."
"The initial setup is pretty easy."
"It is easy to use."
"From a single pane of glass, you can easily manage all of your endpoints."
"One thing that I like about Cortex XDR by Palo Alto Networks, it is detecting all the suspicious or malicious binaries, and it has integration with Palo Alto Firewall."
"If the user leaves our premises or network, Palo Alto Traps will still be on that endpoint and will still apply our policies."


"It takes about two business days for initial support, which is too slow in urgent situations."
"I would like the solution to extend beyond endpoint protection and include other attack surfaces such as other network components."
"There's room for improvement in the quick response time and technical support for integration issues, especially when dealing with multiple vendors."
"To improve Fortinet, we need to see more features and technology areas at the endpoint level introduced."
"FortiEDR could add a separate scanning dashboard. In incident management, we prefer to remove the endpoint system from the environment and scan the system. We typically use Symantec for that, but if we want to use FortiEDR for that, then we need a scanning tab to clarify things."
"We've had a lot of false positives; things incorrectly flagged that require manual configuration to allow. Even worse, after we allow a legitimate program, it sometimes gets flagged again after an update. This has caused a lot of extra work for my team."
"The solution is not stable."
"I haven't seen the use of AI in the solution."
"We don't have issues. We think that Cisco covers all of the security aspects on the market. They continue to innovate in the right way."
"...the greatest value of all, would be to make the security into a single pane of glass. Whilst these products are largely integrated from a Talos perspective, they're not integrated from a portal perspective. For example, we have to look at an Umbrella portal and a separate AMP portal. We also have to look at a separate portal for the firewalls. If I could wave a magic wand and have one thing, I would put all the Cisco products into one, simple management portal."
"I would like to see integration with Cisco Analytics."
"The thing I hate the most, which they have not fixed, is when it creates duplicate entries within a console. If you have a computer and you upgrade from Windows 7 to Windows 10, or you upgrade your agent from version 6 to 7, it creates a new instance in there instead of updating the information. Instead of paying a license for one computer, I have to license two computers until I manually go in, search for all the duplicate entries, and clean them out myself."
"It cannot currently block URLs over websites."
"The technical support is very slow."
"It is not very stable because we have new versions four times a year, which fixes bugs. We had some problems with some deployments."
"Integration and dashboard are areas with certain shortcomings in Cisco Secure Endpoint."
"Managing the product should be easier."
"Limited remote connection."
"Currently, we are monitoring all USB drives and ports but we would like to improve our device control capabilities."
"It is not very strong in terms of endpoint management. It should have additional features like DLP, encryption, or advanced device control. Currently, Cortex is good in terms of the security of the endpoints, but it is not as good as other vendors in terms of the management of the endpoint."
"Data privacy is a matter of concern. You have to be careful with data privacy, it can be sensitive and Cortex can have most of your access."
"It would be better if they could educate the customers more. Some sort of seminars and roadshows will help educate the customers and show what the product can do. The price could be better. It would also help if they had a team for deployment and support."
"Impact on system performance is horrible, adding a lot of delays for users."
"It should support more mobile operating systems. That is one of the cons of their infrastructure right now."

Pricing and Cost Advice

"I know it is tough to get big budget additions up front, but I highly recommend deploying environment wide and adding the forensic service."
"The pricing is typical for enterprises and fairly priced."
"I would rate the solution's pricing an eight out of ten."
"The solution is not expensive."
"The pricing is good."
"While the cost may have been high, we view it as a worthwhile investment due to Fortinet's reliability and long-term performance."
"Fortinet FortiEDR has a yearly subscription."
"It is expensive and I would rate it 8 on the scale."
"Whenever you are doing the licensing process, I would highly advise to look at what other Cisco solutions you have in your organization, then evaluate if an Enterprise Agreement is the best way to go. In our case, it was the best way to go. Since we had so many other Cisco products, we were able to tie those in. We were actually able to get several Cisco security solutions for less than if we had bought three or four Cisco security solutions independently or ad hoc."
"The price is very good."
"The costs of 50 licenses of AMP for three years is around $9,360."
"It is an expensive solution."
"We can know if something bad is potentially happening instantaneously and prevent it from happening. We can go to a device and isolate it before it infects other devices. In our environment, that's millions of dollars saved in a matter of seconds."
"...the licensing needs to be improved. All the product features we need are there. It's just a matter of the complexity and the different offerings and trying to figure things out."
"Our company was very happy with the price of Cisco AMP. It was about a third of what we were paying for System Center Endpoint Protection."
"The pricing and licensing are reasonable. The cost of AMP for Endpoints is inline with all the other software that has a monthly endpoint cost. It might be a little bit higher than other antivirus type products, but we're only talking about a dollar a month per user. I don't see that cost as being an issue if it's going to give us the confidence and security that we're looking for. We have had a lot of success and happiness with what we're using, so there's no point in changing."
"It's the most expensive solution, but features-wise, it's quite strong. It's very good for protection, so the results are very good in the case of protection. I would rate it a two out of ten in terms of pricing."
"The pricing is a little high. It is per user per year."
"The price of the solution could be reduced. I have customers that have voiced that the solution is good for the value but if I want to sell more of the solution the price reduction would help."
"It has reasonable pricing for the use cases it provides to the company."
"If one wishes to work with another team or large number of users at a future point, he must purchase a license for them."
"Licensing for Palo Alto Networks Cortex XDR can be costly, especially when it comes to a hundred users. A license is required for each user, and the subscription must be renewed on a yearly basis."
"It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable."
"The solution is expensive. It's pricing is on a yearly-basis."
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
789,728 professionals have used our research since 2012.

Top Industries

By visitors reading reviews
Computer Software Company
Manufacturing Company
Financial Services Firm
Computer Software Company
Financial Services Firm
Manufacturing Company
Computer Software Company
Financial Services Firm
Manufacturing Company

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business

Questions from the Community

What's the difference between Fortinet's FortiEDR and FortiClient?
I suggest Fortinet’s FortiEDR over FortiClient for several reasons. For starters, FortiEDR guarantees solid protectio...
What do you like most about Fortinet FortiEDR?
We have FortiEDR installed on all our systems. This protects them from any threats.
What is your experience regarding pricing and costs for Fortinet FortiEDR?
The pricing of the solution is on the high end compared to its offerings and capabilities.
Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...

Also Known As

enSilo, FortiEDR
Cisco AMP for Endpoints
Cyvera, Cortex XDR, Palo Alto Networks Traps

Learn More

Video not available



Sample Customers

Financial, Healthcare, Legal, Technology, Enterprise, Manufacturing ... 
Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial Bank
CBI Health Group, University Honda, VakifBank
Find out what your peers are saying about Cisco Secure Endpoint vs. Cortex XDR by Palo Alto Networks and other solutions. Updated: June 2024.
789,728 professionals have used our research since 2012.