Cortex XDR by Palo Alto Networks vs FortiXDR comparison

You must select at least 2 products to compare!
Microsoft Logo
6,000 views|4,488 comparisons
97% willing to recommend
Palo Alto Networks Logo
12,520 views|7,005 comparisons
94% willing to recommend
Fortinet Logo
756 views|296 comparisons
0% willing to recommend
Comparison Buyer's Guide
Executive Summary

We performed a comparison between Cortex XDR by Palo Alto Networks and FortiXDR based on real PeerSpot user reviews.

Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR).
To learn more, read our detailed Extended Detection and Response (XDR) Report (Updated: May 2024).
771,740 professionals have used our research since 2012.
Q&A Highlights
Question: FortiXDR vs Cortex Pro - which is the best?
Answer: @KostiantynFrolov, @Zubair Ahmad, @Mantu Shaw, @Gian Michele Roletto, Can you please share any advice here?
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
"The most valuable feature depends on the scenario. For compliance, I like Microsoft Purview Information Protection and Data Loss Prevention. Sentinel is the most helpful feature for security. 365 Defender helps us prioritize threats across an enterprise. It's a crucial feature for the managed services team.""The threat intelligence is excellent.""Advanced hunting is good. I like that. We can drill down to lots of details.""I like 365 Defender's advanced threat hunting. The dashboard is user-friendly with templates for site policies, etc. The most important use case is evaluating the risk links and applications.""Defender is easy to use. It has a nice console, and everything is all in one place.""It provides a single pane of glass within the 365 admin interface, streamlining our experience by consolidating information in one place and eliminating the need to navigate through multiple interfaces.""The integration, visibility, vulnerability management, and device identification are valuable.""It's a great threat intelligence source for us, providing alerts for things it detects on the network and on the machines. We've used it often when there is a potential incident to see what was done on a computer. That works quite nicely because you can see everything that the user has done..."

More Microsoft Defender XDR Pros →

"It's a nice product that's stable and scalable.""The user interface of the solution is sophisticated and straightforward.""Cortex XDR is a simple platform that's easy for administrators and users. You have a lot of flexibility to change or customize the features.""Cortex XDR by Palo Alto Networks is easy to use and does not consume a lot of hardware resources.""The stability of this product is very good.""The one feature of Palo Alto Networks Traps that our organization finds most valuable is the App ID service.""The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly. The way they have done everything and integrated all the solutions that they've purchased over the years to make it a very seamless, effective product is very good. One thing about Palo Alto is that they take the products or services that they purchase and make them seamless for the end user as compared to some companies that purchase other companies and then just kind of have their products off to the side or keep different interfaces. Palo Alto doesn't do that.""The information the dashboard provides is very clear."

More Cortex XDR by Palo Alto Networks Pros →

"The most valuable feature of FortiXDR is it integrates well with other Fortinet solutions, such as Fortinet firewall, FortiMail, FortiSandbox, Forti Fabric, switches, and access points. Whatever the flow of the traffic comes in or goes out, the entire traffic can be managed and monitored properly."

More FortiXDR Pros →

"The support could be more knowledgable to improve their offering.""Microsoft Defender XDR is not a full-fledged EDR or XDR.""There are other SIEM solutions that are easier to use, mainly based on the creation of rules, use cases, and groups.""A simple dashboard without having to use MS Sentinel would be a welcome improvement.""Customers say they want absolutely seamless integration between other Microsoft solutions and Defender XDR, including the ability to change device settings within the Defender portal. They need to contact the IT team responsible for the device management tools to change some settings. They would prefer that those changes be initiated directly from the Defender portal or applied from Intune without involving the IT operations team.""The price should be adjustable by region.""The dashboard should be easier to use. There is also improvement needed in the reporting when it comes to exporting or scheduling reports.""In the beginning, it's difficult to navigate the system because it is quite large. Just trying to find your way and understand how the system works can be hard. After spending quite a lot of time searching it's a lot easier, but I wish it were a bit more user-friendly when you're trying to find things."

More Microsoft Defender XDR Cons →

"Although I would say this product is highly-rated, it could probably do more because nothing does everything that you want.""There are a large number of false positives.""In the next release, I would like to see more UI improvements. Their UI is a bit basic. When we are speaking about Palo Alto Networks they are the big company, so they can improve the UI a little bit. The UI, the reports, the log system can all be improved.""It'll help if customization was easier.""The installation should be easier and the Palo Alto pre-sales and sales teams should have more information on the product because they don't know what they are selling.""In general, the price could be more competitive.""It is a complex solution to implement.""Cortex XDR by Palo Alto Networks could improve by offering remote management. It would be useful to look at the client's issue to fix it."

More Cortex XDR by Palo Alto Networks Cons →

"Many of the solutions, such as CrowdStrike have an MDR solution where remediation can be provided by the vendor. For example, if there is any zero data threat found, a new threat that the customer is not able to recognize, fix, or understand what needs to be done this feature has to be added in FortiXDR so that the customer feels comfortable."

More FortiXDR Cons →

Pricing and Cost Advice
  • "The solutions price is fair for what they offer."
  • "The price could be better. Normally, the costs depend on the country you're located in for the license. When we were in the initial stage, we went with the E5 license they call premium standard. It cost us around $5.20 per month for four users."
  • "The price of the solution is high compared to others and we have lost some customers because of it."
  • "Microsoft is not competitive with the pricing of the solution. The competitors are able to offer lower discounts. The price of the solution is higher."
  • "We have a lot of problems in Latin America regarding the price of Microsoft 365 Defender, because the relationship between dollars and the money of the different countries, it's is a lot. Many customers that have small businesses say that they would like the solution but it is too expensive. However, large companies do not find the cost an issue."
  • "The most valuable licensing option is expensive, so pricing could be improved. Licensing options for this solution also need to be consolidated, because they frequently change."
  • "Microsoft should provide lower-level licensing options. They should do it in such a way that even an individual could purchase a license, and it should be entirely flexible."
  • "They have moved from a licensing model to pay-per-use... The question is: What happens if, for any reason, there's not enough budget to accept this model? That could be a great problem."
  • More Microsoft Defender XDR Pricing and Cost Advice →

  • "I feel it is fairly priced."
  • "The pricing seems fair, and I do like the licensing model. You use wherever they are, and it is elastic."
  • "We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."
  • "It is "expensive" and flexible."
  • "Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
  • "I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."
  • "It is cost-effective compared to similar solutions. It fits for the small businesses through to the big businesses."
  • "The return on investment is from the user side because we have seen the performance of it increase the delivery time of the product if we are using too many web-based and on-premise applications. In indirect ways, we saw the return of investment in terms of performance and user satisfaction increase."
  • More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →

  • "This is an expensive solution compared to other vendors, such as Check Point."
  • More FortiXDR Pricing and Cost Advice →

    Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
    771,740 professionals have used our research since 2012.
    Answers from the Community
    Augusto Marcelino
    Edwardo Rivera - PeerSpot reviewerEdwardo Rivera
    Real User

    Disclosure - I work for a company where we are Partners of Palo Alto Networks.

    Hi Augusto,

    The answer depends on what you are looking for and your current infrastructure. If you have Fortinet security infrastructure, it will "make sense" to go with them, if you have palo alto firewalls "then" Cortex XDR PRO. 

    However, As I am not completely familiar with FortiXDR, I am going to showcase why I will select Cortex XDR PRO:

    0- Security: Cortex XDR PRO does really well compared to other endpoint products (NSS labs showed this, not sure what happened to them). Look info at MITRE. 

    1- More time and expertise on the XDR market: Cortex XDR was the first XDR platform out there to integrate, endpoint, network and cloud.

    2- Integrations with other firewalls: Cortex XDR can integrate checkpoint, fortigate and cisco ASA logs.

    3- Licensing model: You can start with EPP (Prevent), PRO for endpoint (EDR + other features), and PRO for network (integrate fw/cloud) using the same cloud platform.

    I believe that the best way is to see both product by yourself. Let me know if you are interested to see Cortex XDR PRO, we can schedule a call. We have some clients in Brazil (assuming that based in your title).



    Questions from the Community
    Top Answer:Microsoft Defender XDR provides strong identity protection with comprehensive insights into risky user behavior and… more »
    Top Answer:Microsoft Defender XDR is expensive, especially for the full suite functionality. However, when compared to buying… more »
    Top Answer:Improving scalability, especially for very large tenants, could be beneficial for Microsoft Defender XDR. Additionally… more »
    Top Answer:Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks.… more »
    Top Answer:Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that… more »
    Top Answer:Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface… more »
    Top Answer:The most valuable feature of FortiXDR is it integrates well with other Fortinet solutions, such as Fortinet firewall… more »
    Top Answer:This is an expensive solution compared to other vendors, such as Check Point.
    Top Answer:Many of the solutions, such as CrowdStrike have an MDR solution where remediation can be provided by the vendor. For… more »
    Also Known As
    Microsoft 365 Defender, Microsoft Threat Protection, MS 365 Defender
    Cyvera, Cortex XDR, Palo Alto Networks Traps
    Learn More

    Microsoft Defender XDR is a comprehensive security solution designed to protect against threats in the Microsoft 365 environment. 

    It offers robust security measures, comprehensive threat detection capabilities, and an efficient incident response system. With seamless integration with other Microsoft products and a user-friendly interface, it simplifies security management tasks. 

    Users have found it effective in detecting and preventing various types of attacks, such as phishing attempts, malware infections, and data breaches.

    Watch the Microsoft demo video here: Microsoft Defender XDR demo video.

    Cortex XDR by Palo Alto Networks is the first threat detection and response software to combine both visibility across all types of data as well as autonomous machine learning analytics. Threat detection very often requires analysts to divide their attention among many different data streams. This platform unifies a vast variety of data flows, which allows analysts to assess threats from a single location. Users can now maintain a level of visibility that other threat detection programs simply cannot offer. This level of transparency lends itself to both quick identification of problems that arise and the equally quick development of a potential solution.

    Cortex XDR’s machine learning works on many different levels to detect and prevent threats. It is constantly scanning for threats and vulnerabilities. The solution can scan up to 5.4 billion IP addresses in three-quarters of an hour. This allows it to spot weak points in the system and notify administrators long before hackers can take advantage of vulnerabilities. Once the Artificial Intelligence (AI) discovers an issue or an area where an issue could potentially take place the system creates a log of the information and subsequently sends an alert to system administrators. The AI takes the information that it has gathered and uses it to assign threat levels to the issues that it detects. Following this, a human analyst will be assigned to manually assess the issue and deal with it accordingly. You can set it to automatically respond to the threat by isolating the issue while analysts investigate it.

    Benefits of Cortex XDR

    Some of Cortex XDR’s benefits include:

    • The use of advanced AI analytics, behavior analytics, and custom-made detection to detect advanced threats before they occur.
    • The ability to group similar threat alerts, reducing incoming alerts by as much as 98%. This allows analysts to avoid being overwhelmed by the volume of incoming alerts.
    • The ability to investigate threats as much as 8 times faster than would be possible with other software. The machine learning, when coupled with the unified data stream that Cortex XDR collects, significantly increases the ability to more quickly discover the root cause of a threat.

    Reviews from Real Users

    Cortex XDR by Palo Alto Networks software stands out among its competitors for a number of reasons. Two major ones are its ability to isolate threats while enabling them to be studied and the way that the software combines all of the data that it gathers into a single, more complete picture than other solutions offer.

    PeerSpot users note the effectiveness of these features. A network designer at a computer software company wrote, “The solution has a very helpful isolation feature. If any system gets compromised, with one click I can access the system and isolate it from other networks, and then go into further forensic investigation of the current threat without compromising anything else.”

    Jeff W., Vice President/CTO at Sinnott Wolach Technology Group, noted, “The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly.”

    XDR Defined and Explained
    Extended detection and response (XDR) is a natural extension of the endpoint detection and response (EDR) concept, in which behaviors that occur after threat prevention controls act are further inspected for potentially malicious, suspicious, or risky activity that warrant mitigation. The difference is simply the location (endpoint or beyond) where the behaviors occur.

    Sample Customers
    Accenture, Deloitte, ExxonMobil, General Electric, IBM, Johnson & Johnson and many others.
    CBI Health Group, University Honda, VakifBank
    Information Not Available
    Top Industries
    Manufacturing Company18%
    Computer Software Company15%
    Financial Services Firm13%
    Computer Software Company17%
    Financial Services Firm10%
    Manufacturing Company8%
    Computer Software Company17%
    Financial Services Firm13%
    Security Firm9%
    Computer Software Company15%
    Financial Services Firm8%
    Manufacturing Company6%
    Computer Software Company21%
    Financial Services Firm11%
    Comms Service Provider10%
    Company Size
    Small Business40%
    Midsize Enterprise24%
    Large Enterprise35%
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    Small Business41%
    Midsize Enterprise22%
    Large Enterprise37%
    Small Business25%
    Midsize Enterprise19%
    Large Enterprise56%
    Small Business29%
    Midsize Enterprise23%
    Large Enterprise49%
    Buyer's Guide
    Extended Detection and Response (XDR)
    May 2024
    Find out what your peers are saying about CrowdStrike, SentinelOne, Wazuh and others in Extended Detection and Response (XDR). Updated: May 2024.
    771,740 professionals have used our research since 2012.

    Cortex XDR by Palo Alto Networks is ranked 4th in Extended Detection and Response (XDR) with 80 reviews while FortiXDR is ranked 30th in Extended Detection and Response (XDR) with 1 review. Cortex XDR by Palo Alto Networks is rated 8.4, while FortiXDR is rated 0.0. The top reviewer of Cortex XDR by Palo Alto Networks writes "Perfect correlation and XDR capabilities for network traffic plus endpoint security". On the other hand, the top reviewer of FortiXDR writes "Effective traffic monitoring, integrates well, but stability could improve". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Trellix Endpoint Security, whereas FortiXDR is most compared with Trend Vision One, SentinelOne Singularity Complete, CrowdStrike Falcon and Cisco SecureX.

    See our list of best Extended Detection and Response (XDR) vendors.

    We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.