We performed a comparison between Cortex XDR by Palo Alto Networks and Elastic Security based on real PeerSpot user reviews.
Find out in this report how the two Extended Detection and Response (XDR) solutions compare in terms of features, pricing, service and support, ease of deployment, and ROI.
"I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications."
"From the perspective of Microsoft 365 XDR, the main benefit is a single, centralized dashboard offering the holistic visibility organizations crave."
"There is also one dashboard that shows us the status of many controls at once and the details I can get... It gives a great overview of many areas, such as files, emails, chats, and links. Even with the apps, it gives you a great overview. In one place you can see where you should look into things more deeply..."
"Microsoft 365 Defender is a good solution and easy to use."
"The solution is well integrated with applications. It is easy to maintain and administer."
"The integration with other Microsoft solutions is the most valuable feature."
"The product integrates security into one tool instead of having third-party security tools."
"The most valuable features of Microsoft 365 Defender are the combination of all the capabilities and centralized management."
"Cortex XDR's most valuable feature is its intelligence-based dashboards."
"It integrates well into the environment."
"Traps is quite a stable product. Once it was properly deployed and configured, you have nothing to be worried about."
"The most valuable feature of Cortex XDR by Palo Alto Networks is its machine-learning capabilities. Additionally, there is full integration with other solutions."
"Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful."
"Has great threat detection capabilities."
"One of the main benefits of the solution is its intelligence to correlate the events into an incident."
"Traps has drastically reduced our endpoint attack surface via advanced detection capabilities, sandboxing of never before seen programs, and by drastically limiting where executables can launch in the first place."
"It is scalable."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"The most valuable feature of Elastic Security is that you can install agents, and they are not separately licensed."
"I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."
"Enables monitoring of application performance and the ability to predict behaviors."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"It's very stable and reliable."
"The most valuable features of Elastic Security are it is open-source and provides a high level of security."
"There could be a way to proactively monitor unusual activity."
"Microsoft tends to provide too many features, which makes the solution prone to bugs."
"It would be highly beneficial if CoPilot could identify anomalies within the network and notify the IT team."
"The message trace feature for investigating mail flow issues should add more detailed information to the summary report... if they could extend the summary report a little bit, make it more descriptive, ordinary administrators could understand what happened and that the emails failed at this or that point. That way they would know the location to go to try to correct it and to prevent it from occurring again."
"Generally, antivirus products provide a central control to manage every device in terms of who is installing it or who is trying to disable it, but Microsoft doesn't have such a control center for the antivirus product it provides."
"At times, when we have an incident email and we click on the link for that incident, it opens a pop-up, but there is nothing. It has happened a couple of times."
"From an integration standpoint, it is always improving overall. With Security Copilot coming out, as partners, we are waiting for the GDAP support so that we can actually see Security Copilot on behalf of customers if they subscribe to it."
"There are still some components, such as vulnerability management within the vendor product, where improved integration would be beneficial."
"Cortex XDR is trickier to configure than other Palo Alto products. This is one area where we are not so satisfied."
"Cortex XDR by Palo Alto Networks could improve by offering remote management. It would be useful to look at the client's issue to fix it."
"In the next release, I would like to see more UI improvements. Their UI is a bit basic. When we are speaking about Palo Alto Networks they are the big company, so they can improve the UI a little bit. The UI, the reports, the log system can all be improved."
"The product's pricing needs improvement. They could provide more discounts. Additionally, the dashboard and control panel could be enhanced."
"Every 30 or 40 days, there's a new version and we need to go and make sure our customer's laptops are upgraded."
"The solution could improve by providing better integration with their own products and others."
"It'll help if customization was easier."
"Cortex XDR by Palo Alto Networks can improve mobile integration to allow access to the console."
"This solution is very hard to implement."
"In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts."
"The setup process is complex. You need a solid working knowledge of networking, operating systems, and a little programming."
"Email notification should be done the same way as Logentries does it."
"Technical support could respond faster."
"If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."
"There should be a simulation environment to check whether my Elastic implementation is functioning perfectly fine. Other solutions have their own Android and iOS applications that I can install on my mobile so that I am continuously connected to the SIEM."
"The biggest challenge has been related to the implementation."
Cortex XDR by Palo Alto Networks is ranked 3rd in Extended Detection and Response (XDR) with 80 reviews while Elastic Security is ranked 7th in Extended Detection and Response (XDR) with 58 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Elastic Security is rated 7.6. The top reviewer of Cortex XDR by Palo Alto Networks writes "It provides a whole new level of visibility and integrates with most other vendors". On the other hand, the top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Trend Micro Apex One, whereas Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.