Try our new research platform with insights from 80,000+ expert users

Cortex XDR by Palo Alto Networks vs Cybereason Endpoint Detection & Response comparison

Palo Alto Networks and Cybereason are both solutions in the Endpoint Protection Platform (EPP) category. Palo Alto Networks is ranked #4 with an average rating of 8.6, while Cybereason is ranked #35 with an average rating of 8.2. Palo Alto Networks holds a 3.7% mindshare in EPP, compared to Cybereason’s 0.8% mindshare. Additionally, 95% of Palo Alto Networks users are willing to recommend the solution, compared to 85% of Cybereason users who would recommend it.
Cortex XDR by Palo Alto Net...
Read 91 Cortex XDR by Palo Alto Networks reviews
  • 17,842 Views
  • 11,776 Comparison Views
95% willing to recommend
Cybereason Endpoint Detecti...
Read 22 Cybereason Endpoint Detection & Response reviews
  • 4,416 Views
  • 2,959 Comparison Views
85% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 9, 2024

Cybereason Endpoint Detection & Response and Cortex XDR by Palo Alto Networks compete in the endpoint detection and response category. Cortex XDR appears to have the upper hand due to its comprehensive data correlation and more robust feature set.

Features: Cybereason Endpoint Detection & Response offers intuitive threat detection capabilities, automation features, and a straightforward deployment process. Cortex XDR by Palo Alto Networks provides comprehensive data correlation, advanced analytics, and superior customer support.

Room for Improvement: Cybereason Endpoint Detection & Response needs better scalability, improved integration with other security tools, and more stability during setup. Cortex XDR users report a need for more granular control, advanced analytics, and simplified deployment processes.

Ease of Deployment and Customer Service: Cybereason Endpoint Detection & Response offers a straightforward deployment with supportive customer service, though some users experience setup complications. Cortex XDR has a more complex deployment but provides superior customer support and guided assistance.

Pricing and ROI: Cybereason Endpoint Detection & Response is generally more affordable, delivering favorable ROI for small to medium-sized enterprises. Cortex XDR by Palo Alto Networks is more costly but delivers significant value and ROI through its advanced features.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cortex XDR by Palo Alto Networks vs. Cybereason Endpoint Detection & Response Report (Updated: July 2025).
Buyer's Guide
Cortex XDR by Palo Alto Networks vs. Cybereason Endpoint Detection & Response
July 2025
Download the complete report
Helped 864,053 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.7
Cortex XDR enhances threat prevention, compliance, and cost efficiency, providing rapid ROI and improved security and user satisfaction.
Sentiment score
1.0
Cybereason enhances cybersecurity by blocking malicious connections, improving threat management, reducing response time, and delivering ROI within 24 months.
They appreciate the rich telemetry data from the solution, as it provides in-depth threat identification.
I have seen a return on investment with Cortex XDR by Palo Alto Networks, as this product is offered at a minimal cost, and we can find a good ROI from it.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
No quotes available
For more quotes and insights, download the Cybereason Endpoint Detection & Response report
 

Customer Service

Sentiment score
6.6
Palo Alto Networks' customer service receives mixed reviews due to language barriers, response times, and inconsistent technical support quality.
Sentiment score
5.0
Cybereason support is praised for competence and responsiveness, but users desire faster issue escalation and more timely solutions.
Their support is efficient and responsive whenever I raise a ticket through my portal.
Every vendor has similar support; it depends on how the case is handled and raised.
I would rate technical support from Palo Alto on a scale from one to ten as an eight, as I find it good.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
Nine is great actually since we have people available when we ask, and they know what they are talking about.
if you're a partner with them, they provide fairly good support through a concept called invest support.
For more quotes and insights, download the Cybereason Endpoint Detection & Response report
NiteshSharma - PeerSpot reviewer
EC
PK
reviewer2642739 - PeerSpot reviewerIvan Burke - PeerSpot reviewer
 

Scalability Issues

Sentiment score
7.6
Cortex XDR excels in scalability and adaptability across environments, supporting diverse systems with seamless deployment and reliable expansion.
Sentiment score
6.2
Cybereason EDR efficiently scales for large organizations, offering seamless deployment and robust performance for millions of endpoints.
 

Stability Issues

Sentiment score
8.0
Cortex XDR by Palo Alto Networks is stable and reliable, with quick bug fixes and consistent performance across platforms.
Sentiment score
5.5
<p>Cybereason Endpoint Detection &amp; Response is stable and reliable, though integration issues and cloud downtime concern some users.</p>
Cortex XDR is stable, offering high quality and reliable performance.
For the last 11 months, we haven't faced any outage issues, so it is a stable product.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
We inform Cybereason about any issues, and they work on a new solution, either with an update or a custom fix in anticipation of the next update.
For more quotes and insights, download the Cybereason Endpoint Detection & Response report
EC
PK
reviewer2642739 - PeerSpot reviewer
 

Room For Improvement

Users find Cortex XDR challenging due to integration issues, high memory usage, limited features, and a need for improvements.
Cybereason EDR needs improvements in support, integration, reporting, and stability, with user challenges in Linux and PowerShell.
If the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better.
The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products.
Cortex XDR could improve its sales support team, including better commission structures and referral programs.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
No quotes available
For more quotes and insights, download the Cybereason Endpoint Detection & Response report
PK
NiteshSharma - PeerSpot reviewer
EC
 

Setup Cost

Cortex XDR offers flexible licensing, valued for complex security needs, but perceived as costly and variable in international markets.
Cybereason offers competitive pricing based on endpoints, appreciated for no extra fees, though some features may fall short.
Compared to competitors such as CrowdStrike and Sophos, the pricing of Cortex XDR by Palo Alto Networks is similar to CrowdStrike but more expensive than Sophos.
Cortex XDR is perceived as expensive by some customers, yet offers dynamic pricing.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
No quotes available
For more quotes and insights, download the Cybereason Endpoint Detection & Response report
 

Valuable Features

Cortex XDR ensures comprehensive protection with AI-driven analytics, multi-layered threat detection, and seamless integration, enhancing security management.
Cybereason EDR uses AI for real-time threat detection, offering agility, automation, and compatibility across multiple operating systems.
It incorporates AI for normal behavior detection, distinguishing unusual operations.
The product provides automation responses in case of a threat attack, severity assessments, centralized manageability, and comprehensive compliance features, resulting in reduced costs.
If a user doesn't click any link within 30 days and on the 31st day clicks a new link, Cortex XDR immediately alerts us that this user has clicked on an uncommon link or their behavior is uncommon.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
What I find most valuable is the clarity of the platform.
For more quotes and insights, download the Cybereason Endpoint Detection & Response report
EC
NiteshSharma - PeerSpot reviewer
PK
reviewer2642739 - PeerSpot reviewer
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Ranking in Endpoint Protection Platform (EPP)
4th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
91
Ranking in other categories
Extended Detection and Response (XDR) (7th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (4th)
Cybereason Endpoint Detecti...
Ranking in Endpoint Protection Platform (EPP)
35th
Average Rating
7.8
Reviews Sentiment
5.6
Number of Reviews
22
Ranking in other categories
Endpoint Detection and Response (EDR) (24th)
 

Mindshare comparison

As of July 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.7%, down from 4.9% compared to the previous year. The mindshare of Cybereason Endpoint Detection & Response is 0.8%, down from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

NiteshSharma - PeerSpot reviewer
Automated threat response and behavioral control improve security measures
I recommend adding a data loss prevention (DLP ( /categories/data-loss-prevention-dlp )) solution to Cortex XDR ( /categories/extended-detection-and-response-xdr ) by Palo Alto Networks. The inclusion of this feature would allow the application of DLP ( /categories/data-loss-prevention-dlp ) policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products. Additionally, multi-tenancy and multi-cloud features are not available and should be considered for inclusion.
Read full review
Ivan Burke - PeerSpot reviewer
Offers useful threat hunting and response capabilities but struggles to justify cost for smaller deployments
I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR components; I also get involved with some of the XDR components, especially for the cloud. Regarding analysis features, such as deep behavioral detection, I do use it sometimes; I usually don't use the automated version of it, as I prefer threat hunting directly, depending on if the season is available. I know some of them have pretty good analytics engines, but I tend to do the threat hunting on my own. I manage incident response for a bunch of companies, so some of them have Cybereason Endpoint Detection & Response integrated into Sentinel, some into Fortinet, and others into various tools. When considering cost-effectiveness, their pricing structure works such that if you're a large organization with more than a thousand endpoints to deploy to, then Cybereason Endpoint Detection & Response is worthwhile. But for anything less than 300, it's too expensive; obviously, the more you buy, the better the price, making it cheaper for you. Cybereason Endpoint Detection & Response best fits enterprise-level businesses such as huge corporations; however, we are in the process of removing it from many of our endpoint clients because it's not really showing enough value for them at the moment. We're trying to see how we can improve it with some of our clients, but at the moment, it's struggling compared to other EDR solutions that we have deployed. On a scale of one to ten, I rate Cybereason Endpoint Detection & Response a six.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
See recommendations
864,053 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
9%
Manufacturing Company
8%
Government
7%
Computer Software Company
15%
Financial Services Firm
11%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
See all answers
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
See all answers
What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?
Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...
See all answers
What is your primary use case for Cybereason Endpoint Detection & Response?
We use it to improve detection in the whole industrial sector. We are a big energy company. Across multiple endpoints, we deploy the EDR to secure all, improve detection, and also attempt to automa...
See all answers
What do you like most about Cybereason Endpoint Detection & Response?
The interface is user-friendly.
See all answers
 

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Compared 10% of the time
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Compared 7% of the time
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks Logo
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks
Compared 5% of the time
Wazuh vs Cortex XDR by Palo Alto Networks Logo
Wazuh vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Cortex XSIAM vs Cortex XDR by Palo Alto Networks Logo
Cortex XSIAM vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
More Cortex XDR by Palo Alto Networks Competitors
Darktrace vs Cybereason Endpoint Detection & Response Logo
Darktrace vs Cybereason Endpoint Detection & Response
Compared 27% of the time
CrowdStrike Falcon vs Cybereason Endpoint Detection & Response Logo
CrowdStrike Falcon vs Cybereason Endpoint Detection & Response
Compared 13% of the time
SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response Logo
SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response
Compared 10% of the time
Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response Logo
Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response
Compared 9% of the time
Sentinel vs Cybereason Endpoint Detection & Response Logo
Sentinel vs Cybereason Endpoint Detection & Response
Compared 2% of the time
More Cybereason Endpoint Detection & Response Competitors
 

Product Reports

Buyer's Guide
Cortex XDR by Palo Alto Networks
July 2025
Cortex XDR by Palo Alto Networks reportDownload Cortex XDR by Palo Alto Networks product report
Buyer's Guide
Cybereason Endpoint Detection & Response
July 2025
Cybereason Endpoint Detection & Response reportDownload Cybereason Endpoint Detection & Response product report
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Cybereason EDR, Cybereason Deep Detect & Respond
 

Overview

Cortex XDR by Palo Alto Networks delivers comprehensive endpoint security, integrating well with other systems to offer robust threat detection and real-time protection through AI-driven analytics.

Cortex XDR by Palo Alto Networks offers advanced endpoint protection and threat detection through AI and behavior-based analytics. Its user-friendly design simplifies integration with firewalls, delivering multi-layered protection with low resource consumption. Valued for policy management, USB control, and incident correlation, Cortex XDR enhances threat management and real-time threat hunting capabilities. However, users note challenges with third-party integration, reporting, and dashboard automation. Agent performance across operating systems and memory consumption are areas for improvement, alongside reducing false positives and simplifying endpoint management and setup.

What features does Cortex XDR offer?
  • Behavior-Based Detection: Analyzes user behavior to identify suspicious activities.
  • AI Analytics: Utilizes AI for accurate threat detection and response.
  • Real-Time Protection: Provides immediate defense against threats.
  • Policy Management: Allows customization of security policies across endpoints.
  • USB Control: Regulates USB device access for added security.
  • Incident Correlation: Connects and analyzes various security events for better response.
  • Firewall Integration: Seamlessly works with firewalls for enhanced security.
  • Machine Learning Capabilities: Continuously improves threat detection precision.
What benefits should be considered in reviews?
  • Low Resource Consumption: Efficient security functions without taxing system resources.
  • Multi-Layered Protection: Comprehensive security across multiple attack vectors.
  • User-Friendly Interface: Intuitive design for easier management.
  • Enhanced Threat Management: Identifies and mitigates threats effectively.
  • Real-Time Threat Hunting: Proactively searches for and mitigates potential threats.

Cortex XDR is crucial in industries requiring robust endpoint protection, such as finance, healthcare, and technology. It supports malware detection, behavioral analysis, and ransomware mitigation across endpoints, including remote work environments, providing comprehensive threat visibility and security policy management. The solution's integration with firewalls and specialized industry requirements enhances security posture in diverse operational settings.

Palo Alto Networks

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Cybereason
 

Sample Customers

CBI Health Group, University Honda, VakifBank
Lockheed Martin, Spark Capital, DocuSign, Softbank Capital
Buyer's Guide
Cortex XDR by Palo Alto Networks vs. Cybereason Endpoint Detection & Response
July 2025
Free Report: Cortex XDR by Palo Alto Networks vs. Cybereason Endpoint Detection & Response
Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. Cybereason Endpoint Detection & Response and other solutions. Updated: July 2025.
DOWNLOAD NOW
864,053 professionals have used our research since 2012.
See our Cortex XDR by Palo Alto Networks vs. Cybereason Endpoint Detection & Response report.
See our list of best Endpoint Protection Platform (EPP) vendors and best Endpoint Detection and Response (EDR) vendors.

We monitor all Endpoint Protection Platform (EPP) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.