Try our new research platform with insights from 80,000+ expert users

BlackBerry Cylance Cybersecurity vs Cortex XDR by Palo Alto Networks comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 20, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

BlackBerry Cylance Cybersec...
Ranking in Endpoint Protection Platform (EPP)
29th
Average Rating
8.0
Reviews Sentiment
4.6
Number of Reviews
44
Ranking in other categories
No ranking in other categories
Cortex XDR by Palo Alto Net...
Ranking in Endpoint Protection Platform (EPP)
4th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
91
Ranking in other categories
Extended Detection and Response (XDR) (7th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (4th)
 

Mindshare comparison

As of July 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of BlackBerry Cylance Cybersecurity is 1.1%, down from 1.5% compared to the previous year. The mindshare of Cortex XDR by Palo Alto Networks is 3.7%, down from 4.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

Sooraj Makkancherrry - PeerSpot reviewer
Doesn't have daily updates, which is important for healthcare IT
I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we contact support, they tell us to update the latest agent, but we can't do that immediately due to medical device protocols and validation testing. I wish support would try to understand our issues better instead of giving this standard response. The machine learning feature they use often tells us to upgrade the agent or add things to the exclusion list, which isn't unacceptable. It's a very good and new technology as a tool and antivirus. But sometimes, it doesn't work properly with our medical devices and products, quarantining files it shouldn't even after we add them to exclusions. This is tricky for us.
NiteshSharma - PeerSpot reviewer
Automated threat response and behavioral control improve security measures
I recommend adding a data loss prevention (DLP ( /categories/data-loss-prevention-dlp )) solution to Cortex XDR ( /categories/extended-detection-and-response-xdr ) by Palo Alto Networks. The inclusion of this feature would allow the application of DLP ( /categories/data-loss-prevention-dlp ) policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products. Additionally, multi-tenancy and multi-cloud features are not available and should be considered for inclusion.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We chose the solution because it doesn't have daily updates, which is important for us in healthcare IT, where network usage and connectivity to hospitals matter."
"CylancePROTECT is a fairly decent antivirus."
"It provides good insight into the programs, applications, or websites that may need attention."
"It actively monitors the behavior and activity of processes and will, without hesitation, terminate at root anything it determines to be suspect."
"The non-daily requirement to update signatures is the most valuable feature. From a functional point of view, it is pretty spot on. For instance, we compared an algorithm from five years ago to today's algorithm, and it was 98% accurate. It has the ability to detect and mitigate. In the industrial environment that we work in, there's what we call OT versus IT. You are IT Central, but this is OT. Generally, we don't have the same level of skillset as IT individuals or IT professionals have. This particular product doesn't require you to be a computer scientist to be able to understand its proprietary algorithm and to be able to deploy, use, and work within it. It integrates well with a robust SIEM or SOAR solution, and it plays nice with others. We use other detection solutions like CyberX or site provision with Cisco, and it plays nice. That's one of the things we really liked about it."
"It secures different entry points into the network."
"It is extremely simple to manage and deploy."
"You can manage all the threats and everything from a centralized dashboard."
"Monitoring is most valuable."
"The live terminal is probably the best thing ever. It gives you the access to get straight onto any machine."
"The solution allows us to gain remote access without the user's knowledge and take the necessary actions on the device."
"The solution is a new generation XDR that has a lot of artificial intelligence modules."
"The one feature of Palo Alto Networks Traps that our organization finds most valuable is the App ID service."
"The anti-exploit is impenetrable. We chose Traps because it is the only product that we were not able to get anything past."
"Palo Alto is constantly adding new features."
"The tool is designed to scale for large enterprises and handle large volumes of data."
 

Cons

"The solution’s user interface could be improved."
"I would like to see a better UI in terms of sifting through more specific data and providing analytics. A little bit more would be nice."
"The product needs to continue to offer better alerts. In particular, around false positives. It needs to reduce them from happening."
"It could have integration with industrial base HMIS or Human Machine Interfaces Solutions. This is the industrial environment where you have a control center for all the automation that's happening, whether it is oil, gas, or chemical manufacturing. They often have to set up a computer at the back and watch the other stuff to get alerts. In these autonomous or on-premises environments, they often don't have access to email readily. Integration with other industrial solutions, such as HMIS, will allow them to communicate and get an alert that something has been found. This way, they can react to it sooner than having somebody watch the screen and keep checking the screen. Rockwell has its own suite. Similarly, Honeywell has its own suite. There's also an independent HMI/historian solution provider out there called VTSCADA. We actually get asked if we can get it to show up on a screen, which is difficult. Getting those alerts to work within an industrial environment would be a huge plus."
"The company that sells us the licenses sometimes doesn't know how to do certain things."
"The product does not do a lot of reporting on what it is taking care of. Enhanced reporting would be a welcome improvement."
"Enhancing the product's detection rates and streamlining the user interface for easier management in daily operations would be beneficial improvements."
"The solution should implement AI in the product."
"Cortex XDR could improve its sales support team, including better commission structures and referral programs."
"There are some false positives. What our guys would have liked is that it would have been easier to manipulate as soon as they found a false positive that they knew was a false positive. How to do so was not obvious. Some people complained about it. The interface, the ESM, is not user-friendly."
"When it comes to malware files, it should be a little quick because, at times, it would give a wrong result in the sense of what it might be on malware, even if it still might be a normal one."
"The encryption is not up to the mark."
"The product's pricing could be better."
"Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and its nothing that should be an issue. Some antivirus engines recognize Traps as an threat component, so maybe they need to shake hands somewhere."
"Limited remote connection."
"In reporting they should have a customizable dashboard due to the fact that C-level people don't like reporting to the IT department. They prefer to have a real-time dashboard. That kind of dashboard needs to have various customizations."
 

Pricing and Cost Advice

"The tool is not that expensive."
"I think that the price we are paying is good for what it is."
"The license price for this solution could be better. It's on the expensive side."
"The monthly fee is $55 USD per user."
"The price is reasonable for us at the moment. I rate the overall solution an eight out of ten."
"The solution's pricing is around the same as most EDRs but slightly behind some of the major ones."
"The licensing part of the product is too expensive compared to other solutions in the market."
"Currently, we have competitive pricing for Cylance, which is affordable enough to consider."
"It has reasonable pricing for the use cases it provides to the company."
"Our customers have expressed that the price is high."
"Cortex XDR's pricing is ok."
"I don't like that they have different types of licenses."
"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."
"I feel it is fairly priced."
"The solution is expensive. It's pricing is on a yearly-basis."
"It is "expensive" and flexible."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
861,390 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Manufacturing Company
12%
Government
7%
Financial Services Firm
6%
Computer Software Company
14%
Financial Services Firm
9%
Manufacturing Company
8%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Blackberry Protect?
It is a good endpoint solution. It is very easy to manage and detect the threat immediately. It will take the necessary actions.
What is your experience regarding pricing and costs for Blackberry Protect?
The price is reasonable for us at the moment. I rate the overall solution an eight out of ten.
What needs improvement with Blackberry Protect?
I face challenges with the exclusion policy - it still scans folders we told it not to, causing issues. When we contact support, they tell us to update the latest agent, but we can't do that immedi...
Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
 

Also Known As

Blackberry Protect
Cyvera, Cortex XDR, Palo Alto Networks Traps
 

Overview

 

Sample Customers

Panasonic, Noble Energy, Apria Healthcare Group Inc., Charles River Laboratories, Rovi Corporation, Toyota, Kiewit
CBI Health Group, University Honda, VakifBank
Find out what your peers are saying about BlackBerry Cylance Cybersecurity vs. Cortex XDR by Palo Alto Networks and other solutions. Updated: June 2025.
861,390 professionals have used our research since 2012.