Try our new research platform with insights from 80,000+ expert users

Cortex XDR by Palo Alto Networks vs Cybereason Endpoint Detection & Response comparison

Palo Alto Networks and Cybereason are both solutions in the Endpoint Detection and Response (EDR) category. Palo Alto Networks is ranked #9 with an average rating of 8.7, while Cybereason is ranked #34 with an average rating of 7.3. Palo Alto Networks holds a 3.8% mindshare in EDR, compared to Cybereason’s 1.1% mindshare. Additionally, 95% of Palo Alto Networks users are willing to recommend the solution, compared to 85% of Cybereason users who would recommend it.
Cortex XDR by Palo Alto Net...
Read 92 Cortex XDR by Palo Alto Networks reviews
  • 15,111 Views
  • 8,764 Comparison Views
95% willing to recommend
Cybereason Endpoint Detecti...
Read 22 Cybereason Endpoint Detection & Response reviews
  • 3,883 Views
  • 2,563 Comparison Views
85% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Sep 9, 2024

Cybereason Endpoint Detection & Response and Cortex XDR by Palo Alto Networks compete in the endpoint detection and response category. Cortex XDR appears to have the upper hand due to its comprehensive data correlation and more robust feature set.

Features: Cybereason Endpoint Detection & Response offers intuitive threat detection capabilities, automation features, and a straightforward deployment process. Cortex XDR by Palo Alto Networks provides comprehensive data correlation, advanced analytics, and superior customer support.

Room for Improvement: Cybereason Endpoint Detection & Response needs better scalability, improved integration with other security tools, and more stability during setup. Cortex XDR users report a need for more granular control, advanced analytics, and simplified deployment processes.

Ease of Deployment and Customer Service: Cybereason Endpoint Detection & Response offers a straightforward deployment with supportive customer service, though some users experience setup complications. Cortex XDR has a more complex deployment but provides superior customer support and guided assistance.

Pricing and ROI: Cybereason Endpoint Detection & Response is generally more affordable, delivering favorable ROI for small to medium-sized enterprises. Cortex XDR by Palo Alto Networks is more costly but delivers significant value and ROI through its advanced features.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cortex XDR by Palo Alto Networks vs. Cybereason Endpoint Detection & Response Report (Updated: September 2025).
Buyer's Guide
Cortex XDR by Palo Alto Networks vs. Cybereason Endpoint Detection & Response
September 2025
Download the complete report
Helped 872,706 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.3
Cortex XDR enhances security, reduces costs, boosts threat identification, compliance, and user confidence, offering cost-effective data protection.
Sentiment score
1.0
Cybereason EDR boosts network visibility, reduces threat response time by 50%, and offers ROI in 12-24 months.
They appreciate the rich telemetry data from the solution, as it provides in-depth threat identification.
I have seen a return on investment with Cortex XDR by Palo Alto Networks, as this product is offered at a minimal cost, and we can find a good ROI from it.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
No quotes available
For more quotes and insights, download the Cybereason Endpoint Detection & Response report
 

Customer Service

Sentiment score
6.6
Cortex XDR support is responsive and knowledgeable, despite occasional delays and regional language barriers affecting resolution times.
Sentiment score
5.0
Cybereason's customer service is competent and knowledgeable, though escalations can cause delays, especially without partnership status.
They did well with handling high-risk threats.
Their support is efficient and responsive whenever I raise a ticket through my portal.
Every vendor has similar support; it depends on how the case is handled and raised.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
Nine is great actually since we have people available when we ask, and they know what they are talking about.
if you're a partner with them, they provide fairly good support through a concept called invest support.
For more quotes and insights, download the Cybereason Endpoint Detection & Response report
HectorRios - PeerSpot reviewerNiteshSharma - PeerSpot reviewer
EC
reviewer2642739 - PeerSpot reviewerIvan Burke - PeerSpot reviewer
 

Scalability Issues

Sentiment score
7.5
Cortex XDR is praised for smooth scalability, managing diverse endpoints, and effective expansion in various organizational sizes.
Sentiment score
6.2
<p>Cybereason Endpoint Detection &amp; Response is highly scalable, effectively supporting large organizations with seamless expansion and flexible adaptation.</p>
 

Stability Issues

Sentiment score
8.0
Cortex XDR is stable, with resolved bugs and ongoing improvements, earning high stability ratings from users.
Sentiment score
5.5
Cybereason EDR is reliable with occasional upgrade issues, but improves system speed, and support resolves performance concerns.
Cortex XDR is stable, offering high quality and reliable performance.
All the situations and issues were controlled in a good way by Cortex XDR by Palo Alto Networks.
For the last 11 months, we haven't faced any outage issues, so it is a stable product.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
We inform Cybereason about any issues, and they work on a new solution, either with an update or a custom fix in anticipation of the next update.
For more quotes and insights, download the Cybereason Endpoint Detection & Response report
EC
HectorRios - PeerSpot reviewer
PK
reviewer2642739 - PeerSpot reviewer
 

Room For Improvement

Cortex XDR struggles with compatibility, high memory usage, difficult management, limited features, and needs better integration, UI, and pricing.
Cybereason needs better support, simpler deployment, and enhanced features, including automation, dashboard design, and compatibility improvements.
If the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better.
The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products.
Cortex XDR could improve its sales support team, including better commission structures and referral programs.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
No quotes available
For more quotes and insights, download the Cybereason Endpoint Detection & Response report
PK
NiteshSharma - PeerSpot reviewer
EC
 

Setup Cost

Enterprise buyers find Cortex XDR expensive, but competitive, with flexible licensing; costs vary by usage, features, and setup.
Cybereason offers a competitively priced, comprehensive EDR solution with potential cost benefits for experienced users in enterprises.
Compared to competitors such as CrowdStrike and Sophos, the pricing of Cortex XDR by Palo Alto Networks is similar to CrowdStrike but more expensive than Sophos.
Cortex XDR is perceived as expensive by some customers, yet offers dynamic pricing.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
No quotes available
For more quotes and insights, download the Cybereason Endpoint Detection & Response report
 

Valuable Features

Cortex XDR offers robust endpoint security with advanced threat detection, ease of use, seamless integration, and real-time monitoring capabilities.
Cybereason EDR offers real-time threat visibility, automatic isolation, and extensive threat-hunting for efficient endpoint management and minimal false positives.
The product provides automation responses in case of a threat attack, severity assessments, centralized manageability, and comprehensive compliance features, resulting in reduced costs.
It incorporates AI for normal behavior detection, distinguishing unusual operations.
If a user doesn't click any link within 30 days and on the 31st day clicks a new link, Cortex XDR immediately alerts us that this user has clicked on an uncommon link or their behavior is uncommon.
For more quotes and insights, download the Cortex XDR by Palo Alto Networks report
What I find most valuable is the clarity of the platform.
For more quotes and insights, download the Cybereason Endpoint Detection & Response report
NiteshSharma - PeerSpot reviewer
EC
PK
reviewer2642739 - PeerSpot reviewer
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Ranking in Endpoint Protection Platform (EPP)
5th
Ranking in Endpoint Detection and Response (EDR)
9th
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
92
Ranking in other categories
Extended Detection and Response (XDR) (7th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (4th)
Cybereason Endpoint Detecti...
Ranking in Endpoint Protection Platform (EPP)
41st
Ranking in Endpoint Detection and Response (EDR)
34th
Average Rating
7.8
Reviews Sentiment
5.6
Number of Reviews
22
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of October 2025, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.8%, down from 4.6% compared to the previous year. The mindshare of Cybereason Endpoint Detection & Response is 1.1%, down from 1.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Market Share Distribution
ProductMarket Share (%)
Cortex XDR by Palo Alto Networks3.8%
Cybereason Endpoint Detection & Response1.1%
Other95.1%
Endpoint Detection and Response (EDR)
 

Featured Reviews

HectorRios - PeerSpot reviewer
Has detected high-risk threats effectively and provides strong behavioral protection
They did well with handling high-risk threats. I would rate Palo Alto support an eight or nine. I would give them an eight because in the majority of cases, we talk with local partners, and only in case of an emergency or a difficult issue, we jump to Palo Alto support. When we had that experience with Palo Alto support, it was nice service, but it was really difficult to get it. To jump from the partner to Palo Alto directly was challenging. I understand that it's part of the service, as the local partner just jumps up to Palo Alto support in case they need it. In some cases, when we faced an important issue, it was preferred to jump directly to Palo Alto to save time.
Read full review
Ivan Burke - PeerSpot reviewer
Offers useful threat hunting and response capabilities but struggles to justify cost for smaller deployments
I mostly work with incident response, so I work with a bunch of them interchangeably, but mostly with the EDR components; I also get involved with some of the XDR components, especially for the cloud. Regarding analysis features, such as deep behavioral detection, I do use it sometimes; I usually don't use the automated version of it, as I prefer threat hunting directly, depending on if the season is available. I know some of them have pretty good analytics engines, but I tend to do the threat hunting on my own. I manage incident response for a bunch of companies, so some of them have Cybereason Endpoint Detection & Response integrated into Sentinel, some into Fortinet, and others into various tools. When considering cost-effectiveness, their pricing structure works such that if you're a large organization with more than a thousand endpoints to deploy to, then Cybereason Endpoint Detection & Response is worthwhile. But for anything less than 300, it's too expensive; obviously, the more you buy, the better the price, making it cheaper for you. Cybereason Endpoint Detection & Response best fits enterprise-level businesses such as huge corporations; however, we are in the process of removing it from many of our endpoint clients because it's not really showing enough value for them at the moment. We're trying to see how we can improve it with some of our clients, but at the moment, it's struggling compared to other EDR solutions that we have deployed. On a scale of one to ten, I rate Cybereason Endpoint Detection & Response a six.
Read full review
report
See which vendors are best for you
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
See recommendations
872,706 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
10%
Manufacturing Company
8%
Government
6%
Computer Software Company
14%
Financial Services Firm
11%
Manufacturing Company
8%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business41
Midsize Enterprise18
Large Enterprise36
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise4
Large Enterprise13
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
See all answers
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
See all answers
What is your experience regarding pricing and costs for Cybereason Endpoint Detection & Response?
Comparison with other products showed it be cheaper than some larger competitors. Set up cost for us were cheaper as we already had users experienced with the product in other business units. Initi...
See all answers
What is your primary use case for Cybereason Endpoint Detection & Response?
My main use case for Cybereason Endpoint Detection &amp; Response is mostly for incident response.
See all answers
What do you like most about Cybereason Endpoint Detection & Response?
The interface is user-friendly.
See all answers
 

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Compared 9% of the time
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Compared 6% of the time
Cortex XSIAM vs Cortex XDR by Palo Alto Networks Logo
Cortex XSIAM vs Cortex XDR by Palo Alto Networks
Compared 6% of the time
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks Logo
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
Wazuh vs Cortex XDR by Palo Alto Networks Logo
Wazuh vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
More Cortex XDR by Palo Alto Networks Competitors
CrowdStrike Falcon vs Cybereason Endpoint Detection & Response Logo
CrowdStrike Falcon vs Cybereason Endpoint Detection & Response
Compared 14% of the time
SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response Logo
SentinelOne Singularity Complete vs Cybereason Endpoint Detection & Response
Compared 12% of the time
Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response Logo
Microsoft Defender for Endpoint vs Cybereason Endpoint Detection & Response
Compared 8% of the time
ESET Inspect vs Cybereason Endpoint Detection & Response Logo
ESET Inspect vs Cybereason Endpoint Detection & Response
Compared 7% of the time
Fortinet FortiEDR vs Cybereason Endpoint Detection & Response Logo
Fortinet FortiEDR vs Cybereason Endpoint Detection & Response
Compared 6% of the time
More Cybereason Endpoint Detection & Response Competitors
 

Product Reports

Buyer's Guide
Cortex XDR by Palo Alto Networks
October 2025
Cortex XDR by Palo Alto Networks reportDownload Cortex XDR by Palo Alto Networks product report
Buyer's Guide
Cybereason Endpoint Detection & Response
October 2025
Cybereason Endpoint Detection & Response reportDownload Cybereason Endpoint Detection & Response product report
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Cybereason EDR, Cybereason Deep Detect & Respond
 

Overview

Cortex XDR by Palo Alto Networks delivers comprehensive endpoint security, integrating well with other systems to offer robust threat detection and real-time protection through AI-driven analytics.

Cortex XDR by Palo Alto Networks offers advanced endpoint protection and threat detection through AI and behavior-based analytics. Its user-friendly design simplifies integration with firewalls, delivering multi-layered protection with low resource consumption. Valued for policy management, USB control, and incident correlation, Cortex XDR enhances threat management and real-time threat hunting capabilities. However, users note challenges with third-party integration, reporting, and dashboard automation. Agent performance across operating systems and memory consumption are areas for improvement, alongside reducing false positives and simplifying endpoint management and setup.

What features does Cortex XDR offer?

  • Behavior-Based Detection: Analyzes user behavior to identify suspicious activities.
  • AI Analytics: Utilizes AI for accurate threat detection and response.
  • Real-Time Protection: Provides immediate defense against threats.
  • Policy Management: Allows customization of security policies across endpoints.
  • USB Control: Regulates USB device access for added security.
  • Incident Correlation: Connects and analyzes various security events for better response.
  • Firewall Integration: Seamlessly works with firewalls for enhanced security.
  • Machine Learning Capabilities: Continuously improves threat detection precision.

What benefits should be considered in reviews?

  • Low Resource Consumption: Efficient security functions without taxing system resources.
  • Multi-Layered Protection: Comprehensive security across multiple attack vectors.
  • User-Friendly Interface: Intuitive design for easier management.
  • Enhanced Threat Management: Identifies and mitigates threats effectively.
  • Real-Time Threat Hunting: Proactively searches for and mitigates potential threats.

Cortex XDR is crucial in industries requiring robust endpoint protection, such as finance, healthcare, and technology. It supports malware detection, behavioral analysis, and ransomware mitigation across endpoints, including remote work environments, providing comprehensive threat visibility and security policy management. The solution's integration with firewalls and specialized industry requirements enhances security posture in diverse operational settings.

Palo Alto Networks

Cybereason's Endpoint Detection and Response platform detects in real-time both signature and non-signature-based attacks and accelerates incident investigation and response. Cybereason connects together individual pieces of evidence to form a complete picture of a malicious operation.

Cybereason
 

Sample Customers

CBI Health Group, University Honda, VakifBank
Lockheed Martin, Spark Capital, DocuSign, Softbank Capital
Buyer's Guide
Cortex XDR by Palo Alto Networks vs. Cybereason Endpoint Detection & Response
September 2025
Free Report: Cortex XDR by Palo Alto Networks vs. Cybereason Endpoint Detection & Response
Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. Cybereason Endpoint Detection & Response and other solutions. Updated: September 2025.
DOWNLOAD NOW
872,706 professionals have used our research since 2012.
See our Cortex XDR by Palo Alto Networks vs. Cybereason Endpoint Detection & Response report.
See our list of best Endpoint Detection and Response (EDR) vendors and best Endpoint Protection Platform (EPP) vendors.

We monitor all Endpoint Detection and Response (EDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.