No more typing reviews! Try our Samantha, our new voice AI agent.

ConnectWise SIEM vs Kaspersky Next EDR Expert comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 9, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
ConnectWise SIEM
Ranking in Endpoint Detection and Response (EDR)
55th
Average Rating
8.6
Reviews Sentiment
6.6
Number of Reviews
3
Ranking in other categories
Security Information and Event Management (SIEM) (48th), Secure Access Service Edge (SASE) (22nd), Managed Detection and Response (MDR) (24th)
Kaspersky Next EDR Expert
Ranking in Endpoint Detection and Response (EDR)
20th
Average Rating
8.2
Reviews Sentiment
6.5
Number of Reviews
51
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of ConnectWise SIEM is 0.8%, up from 0.2% compared to the previous year. The mindshare of Kaspersky Next EDR Expert is 1.2%, down from 1.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Kaspersky Next EDR Expert1.2%
ConnectWise SIEM0.8%
Other94.4%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
reviewer2711757 - PeerSpot reviewer
Cyber Security Software Engineer at a tech services company with 11-50 employees
Automated alerting and reporting excel while cost and feature limitations remain
I find automation to be one of the best and most valuable features of the product. Machine learning is incorporated into the solution, though AI is a broader term that I wouldn't apply here. I haven't personally explored AI yet, but I will investigate it. Machine learning functions more as automation in my experience, as there's no training involved yet. I want to conduct R&D on another project with Wazuh to determine how to capture usage, for example, tracking user logins and time spent. This is where I need to implement machine learning. Additionally, the extraction of GeoIP adds complexity. The solution is effectively reducing incident response times in operations.
Ravi-Upadhyay - PeerSpot reviewer
Founder at Inspira Enterprise
Provides strong threat detection and response through behavior analytics and network isolation
I have found the most valuable features of Kaspersky Endpoint Detection and Response Expert to be its ability to tackle the biggest challenges customers face when they have to mitigate any kind of a malware, ransomware attack, or online theft scenarios. The solution utilizes its HIPS, which is the host intrusion prevention system, behavior analytics system, and device control mechanism, making the antivirus capabilities of EDR quite strong. It is able to detect zero-day threats as well as historical or legacy malware, providing protection against current threats in the market and legacy malware. My opinion on the advanced threat detection algorithms in Kaspersky Endpoint Detection and Response Expert is that the ATP functionality is quite strong because it utilizes the behavioral analytics engine in the backend, which employs machine learning mechanisms to identify any kind of vulnerability or exploit running on the operating system level and the network level. If an attack is about to happen on the endpoint, it is able to protect over the network as well and checks for any illegitimate encryption activities. The machine learning capability within Kaspersky Endpoint Detection and Response Expert has contributed to improving detection accuracy and reducing false positives in my environment by helping me identify malicious activity and differentiate between any malicious activity on the operating system level and on the network level. I have seen customers with in-house developed applications that have no public signatures available. Once I whitelist a particular application, it intelligently whitelists not only the executable but also all the dependent services required to run that application. Furthermore, Kaspersky Endpoint Detection and Response Expert has successfully blocked network-level attacks on the endpoint. For example, during a recent DoS attack aimed at choking the entire network, Kaspersky detected the attack, isolated the device in a sandbox network, and alerted my SOC team via email for corrective action, thereby proactively helping me detect and protect devices from malicious attacks.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful."
"Implementing Cortex XDR by Palo Alto Networks has had a significant impact on my security analyst workload because it becomes much easier."
"The tool is designed to scale for large enterprises and handle large volumes of data."
"Cortex XDR's most valuable feature is its intelligence-based dashboards."
"These days it's machine-learning technology and behavior-based analytics features that make us more secure."
"I recommend this solution to others because it is easy to manage, reliable, and overall good to use."
"The solution doesn't need a high level of technical training."
"From the Palo Alto side, whatever they buy, they integrate that really well into their integration suite, and that makes a massive difference."
"We have found the solution has great functionality and it is easy to use."
"The integration capabilities of ConnectWise SIEM are off the shelf, making it easy to buy and use; you just unpack it and use it."
"One valuable feature of ConnectWise Fortify is the ability to add other teams and receive notifications when customers make changes or remove multi-factor authentication in Microsoft or SAP environments."
"Kaspersky EDR is an advanced version of the company's standard security solution that provides some enhanced detection and response features."
"This is a feature-rich product."
"In terms of effectiveness, it's the best; it is easy to set up, the product is stable, and we can scale the solution."
"Stability-wise, I rate the solution a ten out of ten."
"Its customer service is quite good."
"The most valuable feature of Kaspersky Endpoint Detection and Response is security, as it has better security than other solutions, such as Symantec."
"The solution does a good job of filtering and blocking unusual traffic."
"The installation of the physical servers is very simple, but the software is not that simple."
 

Cons

"Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and its nothing that should be an issue. Some antivirus engines recognize Traps as an threat component, so maybe they need to shake hands somewhere."
"There are some limitations on the Traps agents."
"If Palo Alto reduces the pricing slightly for their products, it would make them more scalable in markets such as India and globally for cybersecurity."
"A little bit more automation would be nice."
"The dashboard is the area that needs to improve so that we can have the ability to drill down without having to go elsewhere to verify results."
"It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue."
"We have found that there are times Cortex XDR by Palo Alto Networks does not detect some of the viruses, we have to use another protection solution called Kaspersky."
"Data privacy is a matter of concern. You have to be careful with data privacy, it can be sensitive and Cortex can have most of your access."
"The manage portion of the solution is complicated and should be simplified by having different versions to meet the needs of different size companies."
"ConnectWise Fortify could work on covering more areas, like phishing messages, which have become more complicated to detect."
"ConnectWise SIEM is primarily focused on notifications and is limited in that aspect, while Wazuh can automate the elimination process."
"Everything is automatic on Kaspersky but it would be great if they could add a feature for examining suspicious files."
"Kaspersky Endpoint Detection and Response should continue to improve its protection while adapting to the changing threat ecosystems. Having more advanced features would be a benefit."
"Installing Kaspersky is complex. It requires more work from system admins and takes almost one week to deploy, including integration and mapping with other solutions. You also have to configure Kaspersky EDR sandboxing then set up permissions for various teams and customers."
"Device control is lacking in EDR."
"The product should release more frequent updates. The tool needs to improve its scalability as well."
"The solution can improve by providing automatic fixing of vulnerabilities and reducing the resources used in the server component and endpoint agent. They are very bulky and use a lot of CPU, memory, and hard drive resources."
"The system can be heavy, slowing down performance."
"The solution is expensive in comparison to CheckPoint and Fortinet."
 

Pricing and Cost Advice

"I feel it is fairly priced."
"The price is on the higher side, but it's okay."
"The pricing is a little bit on the expensive side."
"I don't like that they have different types of licenses."
"The tool's price is moderate."
"Very costly product."
"The pricing is okay, although direct support can be expensive."
"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."
"The solution is expensive."
"Kaspersky's pricing is very competitive when it comes to comparison with the other solutions."
"We were on a three-year license to use Kaspersky Endpoint Detection and Response. The price could be better."
"We have been satisfied with the license of the solution."
"Pricing for Kaspersky Endpoint Detection and Response is so-so when you compare it with its competitors. Its pricing isn't cheap nor expensive."
"The solution's cost is reasonable compared to other vendors."
"The price of the solution could be reduced."
"Endpoint's pricing is good, especially compared to expensive solutions like Sophos."
"The pricing is reasonable. Not too cheap, not too expensive."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
903,871 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
11%
Comms Service Provider
9%
Computer Software Company
15%
Construction Company
12%
Comms Service Provider
10%
Financial Services Firm
7%
Construction Company
9%
Financial Services Firm
9%
Computer Software Company
9%
Comms Service Provider
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
No data available
By reviewers
Company SizeCount
Small Business30
Midsize Enterprise4
Large Enterprise18
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What needs improvement with ConnectWise Fortify?
I haven't utilized the advanced threat intelligence capabilities with ConnectWise SIEM. Advanced threat intelligence ...
What is your primary use case for ConnectWise Fortify?
I do not have experience with ConnectWise SIEM for RMM, as I mostly work on Wazuh, and I have a team that handles Con...
What advice do you have for others considering ConnectWise Fortify?
The review can be made anonymous if just my name and not the company name is used. I would assess the real-time visib...
What needs improvement with Kaspersky Endpoint Detection and Response Expert?
The user interface of Kaspersky Endpoint Detection and Response Expert could be more intuitive, and I would appreciat...
What is your primary use case for Kaspersky Endpoint Detection and Response Expert?
My usual use cases for Kaspersky Endpoint Detection and Response Expert involve detecting ransomware earlier and proa...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
ConnectWise Security Management, ConnectWise Fortify, Continuum Fortify, ConnectWise SIEM, ConnectWise SASE
Kaspersky EDR
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Techvera, Syrex, Clark Integrated Technologies
Ferrari, Insolar, Tael, Republic of Serbia
Find out what your peers are saying about ConnectWise SIEM vs. Kaspersky Next EDR Expert and other solutions. Updated: June 2026.
903,871 professionals have used our research since 2012.