Cortex XDR by Palo Alto Networks vs ExtraHop Reveal(x) 360 comparison

Palo Alto Networks and ExtraHop Networks are both solutions in the Extended Detection and Response (XDR) category. Palo Alto Networks is ranked #7 with an average rating of 8.6, while ExtraHop Networks is ranked #24 with an average rating of 9.0. Palo Alto Networks holds a 5.6% mindshare in XDR, compared to ExtraHop Networks’s 0.3% mindshare. Additionally, 95% of Palo Alto Networks users are willing to recommend the solution, compared to 100% of ExtraHop Networks users who would recommend it.

Cortex XDR by Palo Alto Net...

Read 90 Cortex XDR by Palo Alto Networks reviews

7,412 Views
4,610 Comparison Views

95% willing to recommend

ExtraHop Reveal(x) 360

Read 3 ExtraHop Reveal(x) 360 reviews

279 Views
192 Comparison Views

100% willing to recommend

Cortex XDR by Palo Alto Net...

ExtraHop Reveal(x) 360

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 8, 2024

Cortex XDR and ExtraHop Reveal(x) 360 compete in the advanced threat detection and response category. ExtraHop is seen as having superior features, which makes it worth the higher cost despite Cortex XDR's cost-effectiveness.

Features: Cortex XDR is noted for its robust detection abilities, comprehensive logging, and integration with endpoint data. ExtraHop Reveal(x) 360 is highlighted for its superior network traffic analysis, real-time threat detection, and ability to analyze encrypted traffic without decryption.

Room for Improvement: Cortex XDR users seek better third-party tool integration, enhancements in real-time visibility, and a more user-friendly dashboard. ExtraHop users would like improved cloud integration, fewer false positives, and stronger automated response capabilities.

Ease of Deployment and Customer Service: Cortex XDR is praised for its simpler deployment and responsive customer support, appealing to organizations that prioritize easy setup. ExtraHop offers more expertise and is supported by professional customer service, though its deployment is slightly more complex.

Pricing and ROI: Cortex XDR is seen as cost-effective with competitive pricing and good ROI, making it suitable for organizations with budget constraints. ExtraHop, despite a higher cost, provides high value through advanced features, appealing to businesses that prioritize comprehensive security needs.

To learn more, read our detailed Cortex XDR by Palo Alto Networks vs. ExtraHop Reveal(x) 360 Report (Updated: April 2025).

Buyer's Guide

Cortex XDR by Palo Alto Networks vs. ExtraHop Reveal(x) 360

April 2025

Download the complete report

Helped 850,236 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cortex XDR by Palo Alto Net...

Ranking in Extended Detection and Response (XDR)

7th

Average Rating

8.4

Reviews Sentiment

7.4

Number of Reviews

Ranking in other categories

Endpoint Protection Platform (EPP) (4th), Ransomware Protection (1st), AI-Powered Cybersecurity Platforms (4th)

ExtraHop Reveal(x) 360

Ranking in Extended Detection and Response (XDR)

24th

Average Rating

8.6

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

Intrusion Detection and Prevention Software (IDPS) (17th), Container Security (24th), Network Traffic Analysis (NTA) (9th)

Mindshare comparison

As of May 2025, in the Extended Detection and Response (XDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 5.6%, down from 6.5% compared to the previous year. The mindshare of ExtraHop Reveal(x) 360 is 0.3%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Extended Detection and Response (XDR)

Featured Reviews

Mohammad Qaw

Senior Security Consultant at helpag

Perfect correlation and XDR capabilities for network traffic plus endpoint security

The solution should force customers to integrate with network traffic to see the full benefits of XDR. If you are not integrating it or feeding in your network traffic, then you are just buying a normal antivirus which doesn't make any sense. You are paying double the price to use the antivirus feature or to say you have XDR, but in reality you are not using it. The solution should include an on-premises option because some customers want only on-premises. It would be hard, but good to do if possible. Open XDR would be beneficial in the future. Right now, the solution is Closed XDR so cannot communicate with the few new vendors in the Open XDR market.

Read full review

Maksym Toporkov

Head of Research And Development at Quipu GmbH

A competitive choice for network detection and response with exceptional user interface, ease of implementation and minimal false positives

The NDR feature analyzes network traffic, creating records with connection details. While these records offer insights, there's a limitation in investigating payloads directly. ExtraHop provides an option for an additional server to save payloads, but its temporary storage has constraints. Unlike some competitors, it lacks an automatic payload-saving feature for each detection, presenting an improvement opportunity. Suggested enhancement involves the main sensor prompting payload storage for specific detections, streamlining the investigation process, and contributing to a more efficient workflow. A drawback includes packet storage limitations for payload data, necessitating timely extraction for thorough investigations.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"They did what they said. This solution could apply to any scenario."

"Cortex XDR by Palo Alto Networks should be a stable solution."

"Cortex XDR's most valuable feature is its intelligence-based dashboards."

"From a single pane of glass, you can easily manage all of your endpoints."

"It blocks malicious files. It prevents attacks. It doesn't require many updates, it's a very light application."

"One of the main benefits of the solution is its intelligence to correlate the events into an incident."

"Cortex XDR is a simple platform that's easy for administrators and users. You have a lot of flexibility to change or customize the features."

"The integrations are out-of-the-box, as are the playbooks."

More Cortex XDR by Palo Alto Networks pros

"It is scalable."

"It stands out for its intuitive and efficient user interface, robust detection capabilities with minimal false positives, and the ability to handle encrypted traffic, making it a valuable asset for network security and management."

"It is very easy to collect and handle data in ExtraHop Reveal(X) Cloud. Integration with Big Data is also easy. Many of our customers integrate it with Big Data platforms like Splunk or Elastic. It is also easy to handle and easy to understand."

Cons

"It is an enterprise-level solution. Its price could be less expensive."

"There are a large number of false positives."

"The solution needs better reports. I think they should let the customer go in and customize the reports."

"It's not an ideal choice for smaller businesses, as you need a minimum of 200 endpoints to even use the solution at all."

"Product might have some bugs."

"Impact on system performance is horrible, adding a lot of delays for users."

"Being able to filter the events to see those that are related to the actual alert would save time spent by the engineer."

"Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and its nothing that should be an issue. Some antivirus engines recognize Traps as an threat component, so maybe they need to shake hands somewhere."

More Cortex XDR by Palo Alto Networks cons

"They can include integration with SAP. Currently, no vendor provides network performance monitoring in the SAP market. It is a very big market. We have around 400 customers for SAP in Korea. In the USA, there are more than 10,000 customers."

"A drawback includes bucket storage limitations for payload data, necessitating timely extraction for thorough investigations."

"There needs to be more support."

Pricing and Cost Advice

"This is an expensive solution."

"The pricing is a little high. It is per user per year."

"I am using the Community edition."

"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."

"The price is on the higher side, but it's okay."

"The pricing is a little bit on the expensive side."

"It's the most expensive solution, but features-wise, it's quite strong. It's very good for protection, so the results are very good in the case of protection. I would rate it a two out of ten in terms of pricing."

"The price of the solution is high for the license and in general."

More Cortex XDR by Palo Alto Networks pricing and cost advice

"When compared to other solutions, it aligns with the market average, indicating a competitive pricing level."

See which vendors are best for you

Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.

See recommendations

850,236 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

Manufacturing Company

Government

Financial Services Firm

10%

Comms Service Provider

University

Insurance Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One

Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...

See all answers

Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)

Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...

See all answers

How is Cortex XDR compared with Microsoft Defender?

Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...

See all answers

What do you like most about ExtraHop Reveal(x) 360?

It stands out for its intuitive and efficient user interface, robust detection capabilities with minimal false positives, and the ability to handle encrypted traffic, making it a valuable asset for...

See all answers

What needs improvement with ExtraHop Reveal(x) 360?

See all answers

What advice do you have for others considering ExtraHop Reveal(x) 360?

I recommend prioritizing demos over POCs when engaging with vendors. Organizing POCs involves significant time and resource investments for both parties. Instead, invest time in multiple demo sessi...

See all answers

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks

Compared 12% of the time

CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks

Compared 7% of the time

Darktrace vs Cortex XDR by Palo Alto Networks

Compared 5% of the time

Wazuh vs Cortex XDR by Palo Alto Networks

Compared 5% of the time

SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks

Compared 4% of the time

More Cortex XDR by Palo Alto Networks Competitors

ExtraHop Reveal(x) vs ExtraHop Reveal(x) 360

Compared 32% of the time

Wiz vs ExtraHop Reveal(x) 360

Compared 17% of the time

Corelight vs ExtraHop Reveal(x) 360

Compared 16% of the time

Stellar Cyber Open XDR vs ExtraHop Reveal(x) 360

Compared 14% of the time

Forescout Platform vs ExtraHop Reveal(x) 360

Compared 13% of the time

More ExtraHop Reveal(x) 360 Competitors

Product Reports

Buyer's Guide

Cortex XDR by Palo Alto Networks

May 2025

Download Cortex XDR by Palo Alto Networks product report

Buyer's Guide

Intrusion Detection and Prevention Software (IDPS)

April 2025

Download ExtraHop Reveal(x) 360 product report

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps

ExtraHop Reveal(X) Cloud, Reveal(X) Cloud

Overview

Cortex XDR by Palo Alto Networks delivers comprehensive endpoint security, integrating well with other systems to offer robust threat detection and real-time protection through AI-driven analytics.

Cortex XDR by Palo Alto Networks offers advanced endpoint protection and threat detection through AI and behavior-based analytics. Its user-friendly design simplifies integration with firewalls, delivering multi-layered protection with low resource consumption. Valued for policy management, USB control, and incident correlation, Cortex XDR enhances threat management and real-time threat hunting capabilities. However, users note challenges with third-party integration, reporting, and dashboard automation. Agent performance across operating systems and memory consumption are areas for improvement, alongside reducing false positives and simplifying endpoint management and setup.

What features does Cortex XDR offer?

Behavior-Based Detection: Analyzes user behavior to identify suspicious activities.
AI Analytics: Utilizes AI for accurate threat detection and response.
Real-Time Protection: Provides immediate defense against threats.
Policy Management: Allows customization of security policies across endpoints.
USB Control: Regulates USB device access for added security.
Incident Correlation: Connects and analyzes various security events for better response.
Firewall Integration: Seamlessly works with firewalls for enhanced security.
Machine Learning Capabilities: Continuously improves threat detection precision.

What benefits should be considered in reviews?

Low Resource Consumption: Efficient security functions without taxing system resources.
Multi-Layered Protection: Comprehensive security across multiple attack vectors.
User-Friendly Interface: Intuitive design for easier management.
Enhanced Threat Management: Identifies and mitigates threats effectively.
Real-Time Threat Hunting: Proactively searches for and mitigates potential threats.

Cortex XDR is crucial in industries requiring robust endpoint protection, such as finance, healthcare, and technology. It supports malware detection, behavioral analysis, and ransomware mitigation across endpoints, including remote work environments, providing comprehensive threat visibility and security policy management. The solution's integration with firewalls and specialized industry requirements enhances security posture in diverse operational settings.

Palo Alto Networks

Cloud is where your business operates, where it innovates, how it enables employees, and how it connects with customers. Adversaries know this, and that's why attacks against cloud assets in IaaS, PaaS, and SaaS environments are increasing. With Reveal(x) 360, you can mitigate the blast radius of advanced threats like ransomware and supply chain attacks with unified security across multicloud and hybrid environments in a single management pane.

ExtraHop Networks

Sample Customers

CBI Health Group, University Honda, VakifBank

Wizards of the Coast

Buyer's Guide

Cortex XDR by Palo Alto Networks vs. ExtraHop Reveal(x) 360

April 2025

Free Report: Cortex XDR by Palo Alto Networks vs. ExtraHop Reveal(x) 360

Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. ExtraHop Reveal(x) 360 and other solutions. Updated: April 2025.

DOWNLOAD NOW

850,236 professionals have used our research since 2012.

See our Cortex XDR by Palo Alto Networks vs. ExtraHop Reveal(x) 360 report.

See our list of best Extended Detection and Response (XDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.