We performed a comparison between Cortex XDR by Palo Alto Networks and Cisco SecureX based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Features: Cortex XDR presents an intuitive interface, advanced identification of risks, expandability, and compatibility with various other solutions. Cisco SecureX earns high marks for its automated utilities, comprehensive visibility, and seamless integration with external resources. Meanwhile, Cortex XDR could use enhancements in hard disk encryption, security integration, and customer education. Users say Cisco SecureX needs better documentation and integration with on-premises systems. It would also benefit by expanding its compatibility with third-party solutions.
Service and Support: Some customers were impressed with Palo Alto’s support, while others reported mixed experiences. Some users describe Cisco support as dependable and efficient, while others noted a decline in quality due to personnel changes.
Ease of Deployment: Some users thought Cortex XDR’s deployment was fast and straightforward, while others consider it to be a complex and time-consuming task that requires thorough planning. Setting up Cisco SecureX is generally considered to be straightforward in cloud environments, but it requires more effort to integrate the solution with on-premise products.
Pricing: Some reviewers said Cortex XDR is expensive, but others said it was reasonable for the robust feature set Cortex offers. A few users said Cisco SecureX’s price could be lower, given that it is included for free with certain Cisco products.
ROI: Cortex XDR creates value by ensuring system and data security rather than a financial return on investment. Cisco SecureX provides a positive ROI by speeding up detection and resolution. It also decreases workloads through automation and proactive information gathering.
Comparison Results: Our users prefer Cortex XDR over Cisco SecureX. Cortex XDR stands out for its comprehensive platform and valuable features. Users praised its ease of use, threat identification capabilities, and minimal hardware resource consumption.
"The incident threat response and its ability to facilitate effective remediation against threats are the standout features."
"The most valuable feature is the network security."
"We can automate routine tasks and write scripts to carry out difficult tasks, which makes things easier for us."
"The product is very easy to use."
"For me, the advanced hunting capabilities have been really great. It allowed querying the dataset with their own language, which is KQL or Kusto Query Language. That has allowed me to get much more insight into the events that have occurred. The whole power of 365 Defender is that you can get the whole story. It allows you to query an email-based activity and then correlate it with an endpoint-based activity."
"Setting up Microsoft 365 Defender is easy. It's a user-friendly solution that provides threat protection. It has good stability and scalability."
"The most valuable feature of the solution stems from the fact that Microsoft Defender XDR is easy to integrate with other Microsoft platforms or products."
"It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."
"Our customers find the product's third-party integrations valuable. Our customers are also impressed with the tool's capability to pick up third-party threat feeds and use that as part of the decision-making process."
"SecureX takes all the separate pieces of security within your company, adds in intelligence from different sites and services on the internet, and makes them work together."
"Integrates well with our existing security infrastructure."
"One of the most valuable features is the simplicity of deploying SecureX. It's very easy to do that and then you gain very detailed visibility into everything that's going on in your network and, obviously, at the device level. There's just a wealth of information that you can pull from all of these products that are part of SecureX. You know exactly if you have an issue or not."
"I like that I don't have to jump around to five different products and log into five different places to view the data that it returns."
"Using SecureX, a tool provided by Cisco, we can easily integrate it with many of our other Cisco products such as Cisco ISE and many networking devices."
"The ability to create firewalls online has been most valuable including the ability to create rules."
"The forensics are amazing because when you have enrichment, and the solutions talk with each other, when you need it, you have the ability to know everything in the organization: when, why, whatever."
"When the pandemic started, Palo Alto came up with many solutions, which helped with the quick shift from on-premises to the cloud."
"Its interface and pricing are most valuable. It is better than other vendors in terms of security."
"We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us."
"Palo Alto is constantly adding new features."
"Being a cloud solution it is very flexible in serving internal and external connections and a broad range of devices."
"We can visualize and control the activities in the environment from anywhere."
"WildFire AI is the best option for this product."
"It is easy to use."
"The advanced threat-hunting capabilities are phenomenal, and the security copilot enhances that, but some data elements could be better or have more context inside of the advanced tables themselves. The schemas feel a little limited to what they're building into the product. It's probably just a maturity thing. I imagine we'll see the features I want in the next year."
"The interface could be improved. For example, if you want to do a phishing simulation for your employees, it can take a while to figure out what to do. The interface is a bit messy and could be updated. It isn't too bad, but doing some things can be a long process."
"There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups."
"It would be helpful if the solution could scan faster when it comes to scanning attachments to emails."
"Sometimes, configurations take much longer than expected."
"Defender also lacks automated detection and response. You need to resolve issues manually. You can manage multiple Microsoft security products from a single portal, and all your security recommendations are in one place. It's easy to understand and manage. However, I wouldn't say Defender is a single pane of glass. You still need to switch between all of the available Microsoft tools. You can see all the alerts in one panel, but you can't automate remediation."
"The solution could improve by having better machine learning and AI. Additionally, the interface, documentation, and integration could be better."
"There are a few technical issues with Defender XDR that can be improved. Sometimes, the endpoint devices are not reporting properly to the Defender 365 portal. When you're getting all the information from the Microsoft portal, the devices are sometimes not in sync. We have hundreds of endpoint devices, some needing to be onboarded again."
"One of the improvements the product needs is more integration with collaboration platforms."
"For us, the biggest sticking point is that the product is not being designed for multi-tenancy use at present, from an MSP perspective."
"Enhancing automation capabilities could further improve the product."
"They could expand into more areas. The more third-parties that we have tied into it, the better. The capabilities are there. As they just continue to involve the product, the more things that you can look into, then the more analytics that you can get. Also, the more data that we can get, then the better off we will be."
"The front-end work controls the new algorithm and the firewall rules. The search feature of these rules could be improved."
"They could put in more third-party [integrations]... also more playbooks, out-of-the-box, for automation [would be helpful]."
"I'm not sure that I would call it a bug, but sometimes the solution is a little slow."
"I would like it to integrate with another solution, e.g., DNA. I would like it to connect to that solution, but not the security aspect."
"We had a problem with getting our older endpoints up to date, but their newest updates have been really good. I've been pleased with it in terms of what our needs are. It's doing what we want it to do."
"Cortex XDR by Palo Alto Networks could improve by offering remote management. It would be useful to look at the client's issue to fix it."
"The product's pricing could be better."
"Every 30 or 40 days, there's a new version and we need to go and make sure our customer's laptops are upgraded."
"When it comes to core analysis, and security analysis, Cortex needs to provide more information."
"The dashboard is the area that needs to improve so that we can have the ability to drill down without having to go elsewhere to verify results."
"I don't like that they have different types of licenses. For example, if users select a license, they think they will have all the platforms they need to improve their network or security. But after some time, Palo Alto Networks changed their licensing, and some of the features that, for example, were free at the beginning now have a cost. I think the integration can be improved. For example, a lot of tools are just integrated through APIs."
"It's very time-consuming to log support issues and the people that answer the tickets aren't very knowledgeable."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cisco SecureX is ranked 12th in Extended Detection and Response (XDR) with 13 reviews while Cortex XDR by Palo Alto Networks is ranked 3rd in Extended Detection and Response (XDR) with 80 reviews. Cisco SecureX is rated 9.0, while Cortex XDR by Palo Alto Networks is rated 8.4. The top reviewer of Cisco SecureX writes "Gives our customers visibility and they don't have to go multiple management consoles anymore". On the other hand, the top reviewer of Cortex XDR by Palo Alto Networks writes "It provides a whole new level of visibility and integrates with most other vendors". Cisco SecureX is most compared with Trend Vision One, Splunk SOAR, Cisco Secure Network Analytics, Fortinet FortiSOAR and Microsoft Defender for Cloud, whereas Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Trend Micro Apex One. See our Cisco SecureX vs. Cortex XDR by Palo Alto Networks report.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
