Cortex XDR by Palo Alto Networks vs Cynet comparison


Comparison Buyer's Guide

Executive SummaryUpdated on Jul 7, 2023

Categories and Ranking

Microsoft Defender XDR
Ranking in Extended Detection and Response (XDR)
Average Rating
Number of Reviews
Ranking in other categories
Endpoint Detection and Response (EDR) (7th), Microsoft Security Suite (1st)
Cortex XDR by Palo Alto Net...
Ranking in Extended Detection and Response (XDR)
Average Rating
Number of Reviews
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Ransomware Protection (2nd)
Ranking in Extended Detection and Response (XDR)
Average Rating
Number of Reviews
Ranking in other categories
Endpoint Protection Platform (EPP) (16th), User Entity Behavior Analytics (UEBA) (4th), Endpoint Detection and Response (EDR) (15th), Threat Deception Platforms (3rd), Network Detection and Response (NDR) (4th), Ransomware Protection (5th)

Mindshare comparison

As of June 2024, in the Extended Detection and Response (XDR) category, the mindshare of Microsoft Defender XDR is 21.4%, up from 5.5% compared to the previous year. The mindshare of Cortex XDR by Palo Alto Networks is 7.4%, down from 12.7% compared to the previous year. The mindshare of Cynet is 3.1%, down from 5.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR)
Unique Categories:
Endpoint Detection and Response (EDR)
Microsoft Security Suite
Endpoint Protection Platform (EPP)
Ransomware Protection
User Entity Behavior Analytics (UEBA)

Featured Reviews

May 16, 2024
Loaded with features and is cheaper than competitors
Microsoft 365 Defender is a valuable tool for our daily security operations. It provides us with a clear picture of security threats through its alert system, which identifies the origin of the attacks and correlates them with the MITRE ATT&CK framework. It is user-friendly, loaded with features, and priced cheaper than the competitors. Microsoft 365 Defender thwarts advanced attacks from spreading within our client's networks by utilizing the MITRE ATT&CK framework to recognize and categorize threats, then automatically taking steps to neutralize them. Microsoft 365 Defender earns a rating of eight out of ten for its effectiveness in stopping attacks, which has demonstrably improved our security operations. While Microsoft 365 Defender effectively stops attacks and adapts to new threats, human intervention is necessary for entirely new attack patterns. This is because the system relies on machine learning to identify threats based on past data, and completely new attack patterns wouldn't be recognized yet. Microsoft 365 Defender enabled us to discontinue the use of other security products and helped save our security team time.
Mar 21, 2024
A stable XDR solution with file detection
The licensing model is complex to understand. It requires expertise to explain how the licensing works. You need expertise to guide you through the subscription plan. Everything is fine. However, if there are any security suggestions, they should be addressed promptly. For instance, configuring the tool and setting up email configurations are essential. Additionally, web filtering is crucial; if there are any high-risk URLs or logs, they should be filtered. Palo Alto Networks already has a robust database for this purpose, which they utilize in their perimeter-level devices by leveraging this database and integrating it into Cortex XDR, enhancing the security posture. Automatic security suggestions are also provided for individual devices, further enhancing security. Adding URLs and addressing the mentioned points are essential steps. They're aggregating all the logs from various devices.
Cesare Vitali - PeerSpot reviewer
Feb 5, 2024
Provides streamlined deployment, intuitive usability, quick response times, high scalability, excellent stability and responsive support making it a comprehensive and reliable cybersecurity option
I like Cynet because, in my experience, it's incredibly fast and intuitive. The interface is exceptionally clear and easy to understand. The most critical function of the product for maintaining our cybersecurity environment is the rapid deployment of policies to the agents. This is particularly crucial considering our diverse workforce, with many employees working remotely or directly at customer sites. Unlike other solutions that might not be as cloud-based or easy to manage, Cynet excels in swiftly and accurately sending policies to the agents. This capability has been immensely valuable, especially during times when our developers are heavily engaged across multiple customer projects. With Cynet, we've experienced minimal issues with agents failing to receive or apply policies, ensuring that our security measures are consistently and promptly implemented across the board.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:


"The most valuable feature is the DLP because that's where we can have an added data protection layer and extend it not just to emails but to the documents that users are working on. We can make sure that sensitive data is tagged and flagged if unauthorized parties are using it."
"I like that it's fully integrated with Windows, Microsoft 365 Exchange Online, and Outlook. It is better than other antivirus solutions because it's fully integrated with all Microsoft products. It's easy to integrate them and onboard all Windows devices from SCCM."
"Microsoft 365 Defender is a stable solution."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"The solution is well integrated with applications. It is easy to maintain and administer."
"It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints."
"The most valuable features are spam filtering, attachment filtering, and antivirus protection."
"Many people don't realize that Microsoft Azure, Exchange Online, and the security and compliance portal all sync together. For instance, within the Azure portal you can set security restrictions and policies to help secure your tenants... The good part of it is that these products have already been integrated. When you sign on as an admin you have global admin rights and that gives you access to all these features."
"Stability is a primary factor, and then there's the ease of distribution and policy management."
"The one feature of Palo Alto Networks Traps that our organization finds most valuable is the App ID service."
"The solution doesn't need a high level of technical training."
"If there are multiple alerts, the app will automatically create and rate an event instead of going through each one."
"I've found the solution to be highly scalable for enterprises."
"Palo Alto is constantly adding new features."
"The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind."
"We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us."
"We are using almost all of the features and we find it quite good overall."
"I like that it is possible to use the solution to check more information about the users' devices."
"Advanced detection and protection against ransomware paired with SOC monitoring are the most valuable features. They have 24/7 SOC monitoring and file activity. It is a very robust tool."
"It provides good protection from ransomware and malware attacks. It is very good as compared to other products. If any threat is there, their support is very good. They immediately respond to the users and do a follow-up. They call us and also provide email support."
"In terms of incident response, Cynet can contain attacks, offer a trial period to customers, and uninstall if not continued. The most valuable aspect is its integration capabilities, covering endpoints and network data for a comprehensive view of threats."
"It's transparent, so it's not something where every user has to press a button to download or do the thing. It is centralized, in fact. Personally, I use Malwarebytes and other tools, which are fine for home use. Cynet is also relatively silent in terms of operation, except when it's required to act."
"I have found the continued support and pretty much all the features to be valuable. They all stand out as being positive. It continues to detect unusual activity when it's supposed to, and so far we haven't had any issues."
"The level of automation is very good because the majority of the time, it blocks the attacks without requiring anything from our side. The technicians don't have to do anything. They are just alerted about what happened. So, the user intelligence works quite well."


"Microsoft 365 Defender does not have a unique package with emerging endpoint security technologies, such as EDR and XDR."
"In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."
"Automated playbooks and automated dashboards would be preferable to the way the data is currently being presented."
"My client would like the solution to be more customizable without using code. You can only build on the default console, but we're not allowed to change it."
"Support is hit or miss. Microsoft wants you to buy premium support contracts. Though they call themselves professional support, it's almost like throwing questions into a black hole. You get an answer, but it's never helpful."
"What could be improved in Microsoft 365 Defender is its licensing, e.g. it should be more consolidated and would be good if it has some optimizations. Improving the alerts and notifications, in terms of adding more details, would also be good for this solution."
"Troubleshooting in Microsoft 365 Defender can be inefficient."
"There should be better information for experts on features in the solution. What I see when reading about features in Microsoft 365 Defender is that it is always general information. If Microsoft could go deeper into details for the experts about how to use the tools, usage of it would be more familiar and it would be easier to use."
"The dashboard is the area that needs to improve so that we can have the ability to drill down without having to go elsewhere to verify results."
"The server sometimes stops continuously to check things so it would be helpful to receive access updates or technical reasons."
"There are some default policies which sometimes affect our applications and cause them to run around. In the hotel industry, we use a different type of data versus Oracle and SQL. By default, there are some policies which stop us from running properly. Because of this, the support level is also not that strong. We have to wait to get a results."
"Currently, we are monitoring all USB drives and ports but we would like to improve our device control capabilities."
"Currently, if you use Palo Alto endpoint protection as the only solution it's very complicated to remove pre-existing threats."
"Impact on system performance is horrible, adding a lot of delays for users."
"They've been having some issues with updating their endpoint agents, and it has been quite frustrating."
"It's not an ideal choice for smaller businesses, as you need a minimum of 200 endpoints to even use the solution at all."
"Increased application for SOAR abilities across interconnected devices would be a welcome improvement."
"Automation could be improved, and orchestration could be added to the features."
"SIEM - Although with their Centralised Log Management Cynet has created the basis for SIEM functionality, this is to be expanded in the near future."
"They have automated response capability, and they're moving more and more into SOAR capability. They have built-in deception technology with host-file users, phantoms, etc. We used to call them honeypots. So, they're on target. They're doing a really good job, and they should continue to improve with SOAR."
"Sometimes, it is necessary for me to make important changes to a hard drive of a computer, and because Cynet does not allow me to do that, I have to go to the console and remove the computer from the security group just for Cynet. After that, I have to wait for 10 or 15 minutes for that to take effect. I would like to be able to disable Cynet locally. I shouldn’t have to go to the console to find the PC and then take it out of the group and then add it again to the group. I should locally be able to disable Cynet on a computer with a password or something like that, but it is currently not possible."
"We'd like something that makes it easier to manage specific points."
"I would like to see support for mobile protection and some additional reports included."
"Most of their times are in Greenwich Mean Time. I would like to see more local time zones."

Pricing and Cost Advice

"It has consistently offered highly appealing academic pricing, with distinct rates for higher education and general educational purposes."
"The solution is affordable, and we haven't been hit with any hidden costs. The subscription model is straightforward, and it's easy to understand how much additional features cost. If we need to cancel a license or feature, we do that well in advance to avoid being charged for it, but overall, the pricing and licensing are simple and easy."
"Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
"Microsoft Defender XDR is priced high."
"The licensing fee for Microsoft 365 Defender is fair."
"Understanding the subscription model has been a bit challenging, as every feature or requirement comes with an additional cost."
"Microsoft Defender XDR is included in our license."
"365 Defender can get expensive because you pay per gigabyte of data ingested. On the other hand, much of the data available in the other Microsoft security solutions are made available relatively cheaply—sometimes at cost or for free. Integrating only a limited set of third-party solutions with Sentinel would be cost-effective. It's much more affordable if companies only have Microsoft stuff."
"I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."
"The price of the solution is high for the license and in general."
"Cortex XDR's pricing is ok."
"Its pricing is kind of in line with its competitors and everybody else out there."
"This is an expensive solution."
"Licensing for Palo Alto Networks Cortex XDR can be costly, especially when it comes to a hundred users. A license is required for each user, and the subscription must be renewed on a yearly basis."
"The price is on the higher side, but it's okay."
"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
"It is extremely affordable. I'll give it a five out of five in terms of price. It was half the cost of the next closest competitor, and the competitor didn't provide SOC services."
"The pricing was good."
"Cynet is cheaper than other solutions in the market."
"The price is very competitive."
"Our billing is on a quarterly basis, but they have monthly or annual billing availability."
"I don't have specific information about integration capabilities or licensing costs."
"Cynet has a pay-as-you-go pricing model."
"We purchase the product’s yearly license."
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
789,577 professionals have used our research since 2012.

Top Industries

By visitors reading reviews
Computer Software Company
Financial Services Firm
Manufacturing Company
Computer Software Company
Financial Services Firm
Manufacturing Company
Computer Software Company
Comms Service Provider
Financial Services Firm
Manufacturing Company

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business

Questions from the Community

What do you like most about Microsoft 365 Defender?
Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and p...
What needs improvement with Microsoft 365 Defender?
Just like in any solution, the price can always be cheaper.
Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
When evaluating User Activity Monitoring, what aspect do you think is the most important to look for?
The support team that stands behind the detection and response. Is there adequate expertise and are they behind you ...
What do you like most about Cynet?
In terms of incident response, Cynet can contain attacks, offer a trial period to customers, and uninstall if not con...
What is your experience regarding pricing and costs for Cynet?
I don't have specific information about integration capabilities or licensing costs.

Also Known As

Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
Cyvera, Cortex XDR, Palo Alto Networks Traps
No data available



Sample Customers

Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
CBI Health Group, University Honda, VakifBank
Meuhedet, East Boston Neighborhood Health Center
Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. Cynet and other solutions. Updated: June 2024.
789,577 professionals have used our research since 2012.