Cortex XDR by Palo Alto Networks and Cisco Secure Endpoint are two leading solutions in the endpoint protection market. Cisco Secure Endpoint seems to have the upper hand due to its feature richness and ease of deployment.
Features: Cortex XDR offers advanced threat detection, powerful analytics, and integration with other Palo Alto Networks products. Cisco Secure Endpoint includes endpoint visibility, comprehensive threat intelligence, and a robust suite of security features.
Room for Improvement: Cortex XDR needs to enhance its reporting capabilities, ease the initial setup complexity, and improve user interface design. Cisco Secure Endpoint requires performance optimization, reduction in false positives, and better offline protection.
Ease of Deployment and Customer Service: Cortex XDR is moderately challenging to deploy but benefits from strong customer service support. Cisco Secure Endpoint is recognized for its relatively straightforward deployment process and excellent customer service.
Pricing and ROI: Cortex XDR offers a reasonable return on investment despite higher upfront setup costs. Cisco Secure Endpoint users feel the pricing and ROI are well-aligned with the comprehensive services, providing better value for the investment in relation to its extensive features and ease of deployment.
They appreciate the rich telemetry data from the solution, as it provides in-depth threat identification.
Cortex XDR by Palo Alto Networks helps to reduce my total cost of ownership significantly.
I have seen a return on investment with Cortex XDR by Palo Alto Networks, as this product is offered at a minimal cost, and we can find a good ROI from it.
Cisco has good technical support, especially considering these are newer solutions compared to traditional routing and switching products.
The technical support from Palo Alto deserves a mark of ten because they reach out within an hour whenever assistance is needed.
There is no back and forth, and they know what we are asking for and come up with the best resolution for a solution.
If any of these services are missed, it becomes a problem in terms of support tickets, follow-up, or special configuration that needs to be done in the system.
Cisco Secure Endpoint is definitely scalable.
Cortex XDR by Palo Alto Networks can be expanded anytime by purchasing another license without any issues related to scalability.
We have not encountered any problems.
Cortex remains fast and responsive, even with increasing data and alerts.
The thresholds we've seen on our firewall boxes at some instances reached 80% to 85%, but even at that level of utilization, we don't observe any latency or any issues reported with respect to accessing the application.
Cortex XDR is stable, offering high quality and reliable performance.
The forensic capabilities need enhancement, especially for deep forensic data collection.
Improving reporting and dashboard customization, along with the addition of real-time and exportable reports, would help SOC teams greatly.
The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products.
If the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better.
Cisco is aggressive in pricing, making it competitive and sometimes even cheaper than other good products like CrowdStrike, Microsoft Defender, or SentinelOne.
The pricing on SentinelOne is far more reasonable and cheaper than Cortex XDR by Palo Alto Networks.
I would say it is definitely not a cheap product, considering how mature it is and how scalable all Palo Alto products are together.
Cortex XDR is perceived as expensive by some customers, yet offers dynamic pricing.
Cisco Secure Endpoint is very good in machine learning, which allows it to secure offline contents even if not connected to the internet.
It incorporates AI for normal behavior detection, distinguishing unusual operations.
The product provides automation responses in case of a threat attack, severity assessments, centralized manageability, and comprehensive compliance features, resulting in reduced costs.
It includes machine learning to easily analyze data and detect complex threats across endpoints, networks, or clouds.
| Product | Market Share (%) |
|---|---|
| Cortex XDR by Palo Alto Networks | 3.3% |
| Cisco Secure Endpoint | 1.3% |
| Other | 95.4% |
| Company Size | Count |
|---|---|
| Small Business | 21 |
| Midsize Enterprise | 14 |
| Large Enterprise | 21 |
| Company Size | Count |
|---|---|
| Small Business | 43 |
| Midsize Enterprise | 18 |
| Large Enterprise | 43 |
Cisco Secure Endpoint is a comprehensive endpoint security solution that natively includes open and extensible extended detection and response (XDR) and advanced endpoint detection and response (EDR) capabilities. Secure Endpoint offers relentless breach protection that enables you to be confident, be bold, and be fearless with one of the industry’s most trusted endpoint security solutions. It protects your hybrid workforce, helps you stay resilient, and secures what’s next with simple, comprehensive endpoint security powered by unique insights from 300,000 security customers and deep visibility from the networking leader.
Cisco Secure Endpoint was formerly known as Cisco AMP for Endpoints.
Reviews from Real Users
Cisco Secure Endpoint stands out among its competitors for a number of reasons. Two major ones are its ability to enable developers to easily secure their endpoints with one single operation using its management console and its advanced alerting techniques.
Tim C., an IT manager at Van Der Meer Consulting, writes, "The solution makes it possible to see a threat once and block it everywhere across all endpoints and the entire security platform. It has the ability to block right down to the file and application level across all devices based on policies, such as, blacklisting and whitelisting of software and applications. This is good. Its strength is the ability to identify threats very quickly, then lock them and the network down and block the threats across the organization and all devices, which is what you want. You don't want to be spending time working out how to block something. You want to block something very quickly, letting that flow through to all the devices and avoiding the same scenario on different operating systems."
Wouter H., a technical team lead network & security at Missing Piece BV, notes, "Any alert that we get is an actionable alert. Immediately, there is information that we can just click through, see the point in time, what happened, what caused it, and what automatic actions were taken. We can then choose to take any manual actions, if we want, or start our investigation. We're no longer looking at digging into information or wading through hundreds of incidents. There's a list which says where the status is assigned, e.g., under investigation or investigation finished. That is all in the console. It has taken away a lot of the administration, which we would normally be doing, and integrated it into the console for us."
Cortex XDR by Palo Alto Networks delivers comprehensive endpoint security, integrating well with other systems to offer robust threat detection and real-time protection through AI-driven analytics.
Cortex XDR by Palo Alto Networks offers advanced endpoint protection and threat detection through AI and behavior-based analytics. Its user-friendly design simplifies integration with firewalls, delivering multi-layered protection with low resource consumption. Valued for policy management, USB control, and incident correlation, Cortex XDR enhances threat management and real-time threat hunting capabilities. However, users note challenges with third-party integration, reporting, and dashboard automation. Agent performance across operating systems and memory consumption are areas for improvement, alongside reducing false positives and simplifying endpoint management and setup.
What features does Cortex XDR offer?
What benefits should be considered in reviews?
Cortex XDR is crucial in industries requiring robust endpoint protection, such as finance, healthcare, and technology. It supports malware detection, behavioral analysis, and ransomware mitigation across endpoints, including remote work environments, providing comprehensive threat visibility and security policy management. The solution's integration with firewalls and specialized industry requirements enhances security posture in diverse operational settings.
We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
