

Find out in this report how the two Security Information and Event Management (SIEM) solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.
Previously one to two hours were required to resolve major issues. Now it takes around ten to twenty minutes, representing approximately a sixty to seventy percent reduction in resolution time.
I have seen a return on investment with Coralogix, particularly in terms of time saved.
I see a return on investment in time saving.
I am satisfied with their response time and overall competence.
The support team has good technical knowledge and is able to understand log-related monitoring issues without much back and forth.
They are helpful, especially when we created several custom dashboards.
With premium support, core Palo Alto technical experts handle issues directly.
It is ineffective in terms of responding to basic queries and addressing future requirements.
I had a dedicated person allocated for supporting, and even with them, it was very good.
As our system usage and log volume increased, Coralogix was able to handle the growth without requiring any major changes from our side.
We have never faced any scalability issues.
Handling scaling with Coralogix is good, as it is easy to scale up or down as my needs change.
Without proper integration, scaling up with more servers is meaningless.
The SOC team is responsible for fully managing Cortex XSIAM.
Cortex XSIAM is highly scalable.
There are no downtimes, no crashes, or any performance issues that I've noticed since we started using it.
We use it continuously for monitoring and troubleshooting, and we have not faced any major stability issues that impacted our work significantly.
High CPU usage on one pod can be averaged out by others, concealing potential issues.
The product was easy to install and set up and worked right.
With continuous integration that the colleagues probably are doing, it is becoming better and better.
Overall, Cortex XSIAM is stable.
Coralogix already provides strong capabilities for centralized logging and monitoring, but enhancing these areas would make it even more efficient for large-scale environments in our telecom servers.
We require some form of grouping or categorization of logs to identify them better.
Coralogix should have some AI capabilities to auto-detect anomalies and provide suggestions.
Obtaining validation for integrations from Palo Alto takes around eight months, which is quite long.
Cortex XSIAM needs improvements in terms of data onboarding, parsers, and third-party integration supports.
Cortex XSIAM is on the expensive side and requires substantial improvement in pricing.
Despite the expense, I believe it is worth the money to have Coralogix as a tool.
Currently, we are at a very minimal cost, which is around $400 per month since we have reduced our usage.
It is charged based on what we store.
The first impression is that XSIAM would be more expensive than others we tried.
The product is very expensive.
Cortex XSIAM is pretty expensive, and the licensing process is not very comfortable.
I can monitor Kubernetes or Docker platforms as well, and I can integrate with the DevOps chain including Jenkins and all infrastructure code, Terraform, or Ansible.
Coralogix has positively impacted our organization by providing us with a clearer data flow, which allows us to analyze data better and find errors easier using the smart logs it offers.
Out of real-time analytics, cost-efficient storage, and AI-powered insights, the most valuable for my team has been the cost-efficient storage.
The advanced visualization capabilities of the product are important for understanding security trends in an organization.
To have Cortex XSIAM available is to basically have integration of all log sources, all alerting, and so on and so forth from firewalls and different tools, to get everything in one place, and afterwards to be able to build on the information that is coming.
One of the valued aspects of the product is its use of artificial intelligence to detect security vulnerabilities.
| Product | Mindshare (%) |
|---|---|
| Cortex XSIAM | 1.7% |
| Coralogix | 1.2% |
| Other | 97.1% |

| Company Size | Count |
|---|---|
| Small Business | 8 |
| Midsize Enterprise | 7 |
| Large Enterprise | 11 |
| Company Size | Count |
|---|---|
| Small Business | 9 |
| Midsize Enterprise | 2 |
| Large Enterprise | 5 |
Coralogix provides a robust platform for real-time logging and analysis, offering seamless integration with cloud services and DevOps tools to enhance visibility and error detection.
Coralogix is recognized for facilitating efficient log management through intuitive drill-down capabilities and AI-powered anomaly detection. Its platform supports smooth integration with multiple cloud providers and DevOps tools, focusing on ease of use and effective data migration. Users benefit from rich visualization options like dashboards and alerts that accelerate error detection and root cause analysis. Despite its strengths, there is a call for improvements in cost management, user-friendliness, and the expansion of AI features. Users are also requesting better customization, integrated modules, and support for processing large data volumes.
What are Coralogix's standout features?Industries utilize Coralogix for log monitoring and metrics analysis, aiding in debugging, error detection, and performance monitoring with tools like Grafana. Organizations manage cloud application logs, identify system failures, and conduct real-time root cause analysis. Coralogix supports secure data handling, enhancing infrastructure, and transaction management for efficient developer access and log analysis.
Cortex XSIAM acts as a critical element for SOC foundations, integrating SIEM and EDR capabilities, valued for threat detection and seamless security orchestration with Palo Alto Networks products.
Organizations find Cortex XSIAM beneficial for SOC foundations due to its capability to integrate SIEM and EDR tools, facilitating data collection, detection, and response. It connects with third-party data sources while reducing management effort and offering cost-effective alternatives to competitors like CrowdStrike and Trend Micro. Featuring automation and integration with Palo Alto Networks products, Cortex XSIAM enhances threat detection. Unified architecture allows a comprehensive view of attacks, further supported by machine learning and integration with existing vendor solutions, ensuring that users gain insights without significant manual log analysis.
What are Cortex XSIAM's key features?
What benefits are evident in Cortex XSIAM reviews?
Industries implement Cortex XSIAM mainly in technology-driven sectors where centralized endpoint protection and automation of forensic investigation are paramount. By integrating several third-party systems for incident response, companies in competitive markets leverage its attributes for heightened operational security efficiency. However, users note areas for improvement, such as Attack Surface Management and integration enhancements, to better suit tech-heavy industries needing extensive connectivity with cybersecurity solutions.
We monitor all Security Information and Event Management (SIEM) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.