No more typing reviews! Try our Samantha, our new voice AI agent.

Cisco Secure Endpoint vs N-able EDR comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Cisco Secure Endpoint
Ranking in Endpoint Detection and Response (EDR)
26th
Average Rating
8.6
Reviews Sentiment
7.2
Number of Reviews
49
Ranking in other categories
Endpoint Protection Platform (EPP) (29th), Cisco Security Portfolio (8th)
N-able EDR
Ranking in Endpoint Detection and Response (EDR)
50th
Average Rating
7.6
Reviews Sentiment
7.1
Number of Reviews
4
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Cisco Secure Endpoint is 1.3%, down from 1.6% compared to the previous year. The mindshare of N-able EDR is 0.7%, up from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Cisco Secure Endpoint1.3%
N-able EDR0.7%
Other94.4%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
JavedHashmi - PeerSpot reviewer
Chief Technology Officer at Future Point Technologies
Reliable threat protection is achieved while integration and analysis capabilities need refinement
Cisco Secure Endpoint is very good in machine learning, which allows it to secure offline contents even if not connected to the internet. We haven't encountered a single breach after it's deployed. It controls USB devices and has a separate antivirus solution called Tetra, providing security even for real-time, day-zero attacks through its strong Talos threat intelligence platform.
NM
Senior Operations Specialist at Tagit cc
Reporting effectiveness and advanced AI capabilities improve threat awareness while needing pricing simplification and licensing self-service
With pricing, they can improve by bundling their pricing because sometimes billing comes in a very long process. If they could bundle it as one solution and show the capabilities or features, they would be able to sell it more effectively, and as resellers, we could sell it to customers more easily. The technical support is responsive, but sometimes we experience limitations regarding the ability to add licensing. They could implement a self-service platform for assigning new licenses or ordering more. Currently, we depend on contacting someone who sends a new contract to sign through the process. They could change their licensing model, though I am not the right person to comment on functionality. On the reporting side, everything is covered.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of Cortex XDR by Palo Alto Networks is its machine-learning capabilities. Additionally, there is full integration with other solutions."
"Cortex XDR's most valuable feature is its intelligence-based dashboards."
"One of the things that I enjoy the most is using policy extensions. It's like having host firewalls to control USB connections. I think it's a wonderful tool to restrict use when connecting to our computers. Another important tool is Home Insights. That is an add-on to the Cortex solution. I like that because we can see all the vulnerabilities in the environment and control what assets are connected to our network."
"The solution doesn't need a high level of technical training."
"The product's initial setup phase is very easy."
"Cortex XDR by Palo Alto Networks has helped lighten the load of our security analysts because it was the major tool that we were using and the one we utilized most."
"Has great threat detection capabilities."
"On a scale from one to ten, I would rate Cortex XDR by Palo Alto Networks a nine."
"I did the initial setup myself and it was really easy and straightforward."
"I'm only using the AMP (advanced malware protection) which is protecting my file system from all the malicious things that might happen. It should protect all kinds of things that might happen on the servers, things that I cannot see."
"Among the most valuable features are the exclusions. And on the scalability side, we can integrate well with the SIEM orchestration engine and a number of applications that are proprietary or open source."
"Secure Endpoint has decreased our time to remediate by providing the tools and the integrations we need so we can quickly look across our entire network, look for those threats, and actually make good decisions."
"The simplicity of use is its most valuable feature, where you can very clearly see things, go back in time and get details of where the malware started, what happened, and where it went from the minute it got in, with a good scope and a good ability to shut it down and then go back and see what happened."
"There are several valuable features including strong prevention and exceptional reporting capabilities."
"The solution's integration capabilities are excellent. It's one of the best features."
"Real-time threat prevention using sandboxing, file trajectory, and retrospective security."
"The most valuable features are the rollback feature, it's important for us. The AI models and are good."
"It provides visibility and a storyline to track the virus or malware's activities, showing infected processes and changes made."
"We have been using this solution for quite some time, and the AI functionality is quite advanced; we are able to provide insights on different aspects and read the reports easily."
"The most valuable feature, which I can describe as the '360 vision' of the inventory device, provides a complete view of all the devices."
 

Cons

"Whenever the tool releases a new version when deploying the product across the organization, I feel like there are some disturbances in the CPU usage after upgrading the tool to the latest version."
"Cortex XDR by Palo Alto Networks is a strong tool, but it is true that digesting information sometimes makes the tool go a little bit slower."
"Technology evolves every day, so it would be nice if it gets more secure. It can also have more integration with other platforms."
"Additionally, I think the price is very high, and if it can be adjusted, I believe it will be a very good solution."
"The dashboard is the area that needs to improve so that we can have the ability to drill down without having to go elsewhere to verify results."
"The onboarding process could be better."
"There are some false positives."
"For working with the solution, you only really need a web browser, however, we've found that working on Chrome, for example, is horrible."
"In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms."
"The Linux agent is a simple offline classic agent, and it doesn't support Secure Boot, which is important to have on a Linux machine. The Linux agent has conflicts with other solutions, including the Exploit Prevention system found in Windows servers. We didn't find a fix during troubleshooting, and Cisco couldn't offer one either. Eventually, we had to shut down the Exploit Prevention system. We didn't like that as we always want a solution that can fit smoothly into the setup without causing problems, especially where security is concerned. The tool also caused CPU spikes on our production machine, and we were seriously considering moving to another product."
"In terms of the user experience, if the UX design could be much simpler [that would improve things]... if they could make it more intuitive for someone who is not an engineer so that they still can read what's going on in their webpage and understand, that would be something."
"Logging could be better in terms of sending more logs to Cisco Firepower or Cisco ASA. That's an area where it could be made better."
"In Orbital, there are tons of prebuilt queries, but there is not a lot of information in lay terms. There isn't enough information to help us with what we're looking for and why we are looking for it with this query. There are probably a dozen queries in there that really focus on what I need to focus on, but they are not always easy to find the first time through."
"The product does not provide options like tunnel creation or virtual appliances."
"You need a certain level of technical experience because the console is not the easiest thing to look at."
"Due to the complexity of the technology that is used and its advanced threat detection capabilities, it is possible to encounter many delays in operation."
"I would like to see them add support for both Android and iOS smartphones."
"I would rate the scalability as seven out of ten. The capability is useful. Concerning the license, if I add one more device without a license, it will automatically subscribe to a license. I do not appreciate that."
"We have a lot of false positives we see in the dashboard. I think this is the only problem we are facing."
"With pricing, they can improve by bundling their pricing because sometimes billing comes in a very long process."
 

Pricing and Cost Advice

"Compared to CrowdStrike, Cortex XDR is an expensive solution."
"I don't recall what the cost was, but it wasn't really that expensive."
"The price of the solution could be reduced. I have customers that have voiced that the solution is good for the value but if I want to sell more of the solution the price reduction would help."
"Licensing for Palo Alto Networks Cortex XDR can be costly, especially when it comes to a hundred users. A license is required for each user, and the subscription must be renewed on a yearly basis."
"If one wishes to work with another team or large number of users at a future point, he must purchase a license for them."
"It has a yearly renewal."
"The price of the solution is high for the license and in general."
"I don't like that they have different types of licenses."
"The price is very good."
"​Pricing can be more expensive than similar software that does less functionality, but not recognized by customers.​"
"We can know if something bad is potentially happening instantaneously and prevent it from happening. We can go to a device and isolate it before it infects other devices. In our environment, that's millions of dollars saved in a matter of seconds."
"The price is very fair to the customer."
"There are a couple of different consumption models: Pay up front, or if you have an enterprise agreement, you can do a monthly thing. Check your licensing possibilities and see what's best for your organization."
"The costs of 50 licenses of AMP for three years is around $9,360."
"It is an expensive solution."
"The solution is highly affordable; I believe we pay $2 or $3 per endpoint. It's significantly cheaper than the competitors on the market."
"The pricing is average."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Manufacturing Company
10%
Financial Services Firm
8%
Construction Company
7%
Government
7%
Manufacturing Company
20%
Comms Service Provider
14%
Transportation Company
11%
Healthcare Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business21
Midsize Enterprise15
Large Enterprise21
No data available
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for Cisco Secure Endpoint?
Cisco is aggressive in pricing, making it competitive and sometimes even cheaper than other good products like CrowdS...
What needs improvement with Cisco Secure Endpoint?
Cisco Secure Endpoint lacks features like DLP which other vendors offer. XDR is new, so integration capabilities with...
What is your primary use case for Cisco Secure Endpoint?
We deployed Cisco Secure Endpoint for our customers two to three years back. The use case was to secure their endpoin...
What needs improvement with N-able EDR?
With pricing, they can improve by bundling their pricing because sometimes billing comes in a very long process. If t...
What is your primary use case for N-able EDR?
We are using N-able EDR, but I think Sophos makes sense because of the environment we operate in. The localization an...
What advice do you have for others considering N-able EDR?
I am more focused on operations and procurement. The decision to use this solution was made before I joined the compa...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Cisco AMP for Endpoints
No data available
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Heritage Bank, Mobile County Schools, NHL University, Thunder Bay Regional, Yokogawa Electric, Sam Houston State University, First Financial Bank
Information Not Available
Find out what your peers are saying about Cisco Secure Endpoint vs. N-able EDR and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.