No more typing reviews! Try our Samantha, our new voice AI agent.

ConnectWise SIEM vs Cortex XDR by Palo Alto Networks comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

ConnectWise SIEM
Ranking in Endpoint Detection and Response (EDR)
55th
Average Rating
8.6
Reviews Sentiment
6.6
Number of Reviews
3
Ranking in other categories
Security Information and Event Management (SIEM) (48th), Secure Access Service Edge (SASE) (22nd), Managed Detection and Response (MDR) (24th)
Cortex XDR by Palo Alto Net...
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of ConnectWise SIEM is 0.8%, up from 0.2% compared to the previous year. The mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
ConnectWise SIEM0.8%
Other95.6%
Endpoint Detection and Response (EDR)
 

Featured Reviews

reviewer2711757 - PeerSpot reviewer
Cyber Security Software Engineer at a tech services company with 11-50 employees
Automated alerting and reporting excel while cost and feature limitations remain
I find automation to be one of the best and most valuable features of the product. Machine learning is incorporated into the solution, though AI is a broader term that I wouldn't apply here. I haven't personally explored AI yet, but I will investigate it. Machine learning functions more as automation in my experience, as there's no training involved yet. I want to conduct R&D on another project with Wazuh to determine how to capture usage, for example, tracking user logins and time spent. This is where I need to implement machine learning. Additionally, the extraction of GeoIP adds complexity. The solution is effectively reducing incident response times in operations.
ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The integration capabilities of ConnectWise SIEM are off the shelf, making it easy to buy and use; you just unpack it and use it."
"One valuable feature of ConnectWise Fortify is the ability to add other teams and receive notifications when customers make changes or remove multi-factor authentication in Microsoft or SAP environments."
"We have found the solution has great functionality and it is easy to use."
"One thing that I like about Cortex XDR by Palo Alto Networks, it is detecting all the suspicious or malicious binaries, and it has integration with Palo Alto Firewall."
"The most valuable feature of Cortex XDR by Palo Alto Networks is the low consumption of system resources. The solution uses a lot of AI and machine learning."
"I like the centralized console and the predictive analysis it does of malware. It is very stable and also scalable."
"Cortex XDR by Palo Alto Networks's ability to block sophisticated threats in real time is quite good and is on par with SentinelOne's."
"But overall, when we speak about security and protection, they are one of the top providers."
"The stability is pretty good except for one or two cases, and based on the performance, it's been okay with pretty high performance, no bugs or glitches, and it doesn't crash or freeze."
"Monitoring is most valuable."
"My advice for others looking into using Cortex is that it is very easy to use and very useful for the customer environment, whether it's a public or private one."
 

Cons

"The manage portion of the solution is complicated and should be simplified by having different versions to meet the needs of different size companies."
"ConnectWise SIEM is primarily focused on notifications and is limited in that aspect, while Wazuh can automate the elimination process."
"ConnectWise Fortify could work on covering more areas, like phishing messages, which have become more complicated to detect."
"For Cortex XDR by Palo Alto Networks, if I had to point out improvements, I would say the UI is still somewhat difficult for beginners."
"Cortex XDR should have a lightweight agent, and the agent size should not be heavy."
"Dashboards do not allow everyone to see what's happening."
"The setup is quite easy. We had appropriate support from the manager. One thing that was missing was the integration part."
"A little bit more automation would be nice."
"Managing the product should be easier."
"The configuration could be simplified. I would like to see better protection, specifically to protect email applications."
"The price could be a little lower."
 

Pricing and Cost Advice

"The solution is expensive."
"I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."
"I don't recall what the cost was, but it wasn't really that expensive."
"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."
"Cortex XDR by Palo Alto Networks is quite an expensive solution."
"It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable."
"It has reasonable pricing for the use cases it provides to the company."
"Very costly product."
"It has a yearly renewal."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
15%
Construction Company
12%
Comms Service Provider
10%
Financial Services Firm
7%
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
 

Questions from the Community

What needs improvement with ConnectWise Fortify?
I haven't utilized the advanced threat intelligence capabilities with ConnectWise SIEM. Advanced threat intelligence is an option, but I haven't explored this feature yet. The advanced threat intel...
What is your primary use case for ConnectWise Fortify?
I do not have experience with ConnectWise SIEM for RMM, as I mostly work on Wazuh, and I have a team that handles ConnectWise SIEM. I'm linking with them, serving as the bridge. I am solely working...
What advice do you have for others considering ConnectWise Fortify?
The review can be made anonymous if just my name and not the company name is used. I would assess the real-time visibility for my organization as somewhat real-time, but it's not fully real-time. T...
Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
 

Also Known As

ConnectWise Security Management, ConnectWise Fortify, Continuum Fortify, ConnectWise SIEM, ConnectWise SASE
Cyvera, Cortex XDR, Palo Alto Networks Traps
 

Overview

 

Sample Customers

Techvera, Syrex, Clark Integrated Technologies
CBI Health Group, University Honda, VakifBank
Find out what your peers are saying about ConnectWise SIEM vs. Cortex XDR by Palo Alto Networks and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.