We performed a comparison between Cortex XDR by Palo Alto Networks and FortiXDR based on real PeerSpot user reviews.
Find out what your peers are saying about SentinelOne, CrowdStrike, Palo Alto Networks and others in Extended Detection and Response (XDR)."Microsoft Defender XDR is scalable."
"Another noteworthy feature that I find appealing in Microsoft Defender is the credit-backed simulation. This feature enables organizations to train their users on effectively responding to phishing emails through a simulated training environment."
"Microsoft XDR's system of analysis and investigation is super convenient for our customers. It integrates with other Microsoft solutions like Defender for 365 to protect email traffic from malicious external web links and phishing."
"We also use Microsoft Sentinel, Defender for Cloud, Defender for Identity, and Microsoft Defender for Cloud Apps. They are all integrated and it was very easy to integrate them. In my experience with the integrations, it was just a click of a button and things were integrated. It's just a button."
"My clients like Defender's file integrity monitoring. They're monitoring Windows and Linux system files."
"It has great stability."
"It has been great for us. Previously, we didn't have a solution to protect us, especially from malware, whereas now, we are getting protection up front, especially from the malware attacks coming through emails or endpoints."
"Within advanced threat hunting, the tables that have already been defined by Microsoft are helpful. In the advanced threat hunting tab, there were different tables, and one of the tables was related to device info, device alert, and device events. That was very helpful. Another feature that I liked but didn't have access to was deep analysis."
"The one feature of Palo Alto Networks Traps that our organization finds most valuable is the App ID service."
"Traps is quite a stable product. Once it was properly deployed and configured, you have nothing to be worried about."
"The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind."
"Stability is one of the features we like the most."
"The integrations are out-of-the-box, as are the playbooks."
"The information the dashboard provides is very clear."
"The stability of this product is very good."
"Cortex covers everything I need. It's a perfect solution. Cortex provides a different level of visibility because it's an extended EDR, allowing you to grab logs from the network and firewalls. Palo Alto invented the concept of the extended EDR or XDR."
"The most valuable feature of FortiXDR is it integrates well with other Fortinet solutions, such as Fortinet firewall, FortiMail, FortiSandbox, Forti Fabric, switches, and access points. Whatever the flow of the traffic comes in or goes out, the entire traffic can be managed and monitored properly."
"The Defender agent itself is more compatible with Windows 10 and Windows 11. Other than these two lines, there are so many compatibility issues. Security is not only about Microsoft. The core technical aspects of it are quite good, but it would be good if they can better support non-Microsoft solutions in terms of putting the agents directly into VMware and other virtualization solutions. There should be more emphasis on RHEL and other operating systems that we use, other than Windows, in the server category."
"In the Microsoft Azure Portal, in Active Directory, if there is anything on the user it will provide you with the information, but you still have to go through it a bit. And sometimes, I have experienced difficulties in understanding the information, especially because the synchronization between Microsoft Intune and the devices that are connected to the user in Azure Active Directory takes a lot of time."
"The user interface of Microsoft 365 Defender could improve. They could make it simpler."
"The design of the user interface could use some work. Sometimes it's hard to find the exact information you need."
"Because of the training model, Defender XDR's automatic response sometimes blocks legitimate users and activities. Also, the UI sometimes responds slowly."
"One of the biggest downsides of Microsoft products, in general, is that the menus are often difficult to find, as they tend to move from place to place between versions."
"The support team is not competent or responsive."
"The only problem I find is that the use cases are built-in. There is no template available that you can modify according to your organization's standards. What they give is very generic, the market standard, but that might not be applicable to every organization."
"There are some third-party solutions that are difficult to integrate with, which is something that can be improved."
"Cortex XDR could be improved with more GUI features."
"The installation should be easier and the Palo Alto pre-sales and sales teams should have more information on the product because they don't know what they are selling."
"The solution needs better reports. I think they should let the customer go in and customize the reports."
"In general, the price could be more competitive."
"The licensing model is complex to understand. It requires expertise to explain how the licensing works. You need expertise to guide you through the subscription plan."
"In terms of areas of improvement, we have not completed our review of the product. We're also looking at other products. So, it's a little bit hard to tell what could be different because we have not completed the review of this product, but based on our experience so far, its implementation is quite complex."
"A little bit more automation would be nice."
"Many of the solutions, such as CrowdStrike have an MDR solution where remediation can be provided by the vendor. For example, if there is any zero data threat found, a new threat that the customer is not able to recognize, fix, or understand what needs to be done this feature has to be added in FortiXDR so that the customer feels comfortable."
More Cortex XDR by Palo Alto Networks Pricing and Cost Advice →
Cortex XDR by Palo Alto Networks is ranked 3rd in Extended Detection and Response (XDR) with 80 reviews while FortiXDR is ranked 30th in Extended Detection and Response (XDR) with 1 review. Cortex XDR by Palo Alto Networks is rated 8.4, while FortiXDR is rated 0.0. The top reviewer of Cortex XDR by Palo Alto Networks writes "It provides a whole new level of visibility and integrates with most other vendors". On the other hand, the top reviewer of FortiXDR writes "Effective traffic monitoring, integrates well, but stability could improve". Cortex XDR by Palo Alto Networks is most compared with Microsoft Defender for Endpoint, CrowdStrike Falcon, Darktrace, Symantec Endpoint Security and Trend Micro Apex One, whereas FortiXDR is most compared with Trend Vision One, SentinelOne Singularity Complete, CrowdStrike Falcon and Cisco SecureX.
See our list of best Extended Detection and Response (XDR) vendors.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Disclosure - I work for a company where we are Partners of Palo Alto Networks.
Hi Augusto,
The answer depends on what you are looking for and your current infrastructure. If you have Fortinet security infrastructure, it will "make sense" to go with them, if you have palo alto firewalls "then" Cortex XDR PRO.
However, As I am not completely familiar with FortiXDR, I am going to showcase why I will select Cortex XDR PRO:
0- Security: Cortex XDR PRO does really well compared to other endpoint products (NSS labs showed this, not sure what happened to them). Look info at MITRE.
1- More time and expertise on the XDR market: Cortex XDR was the first XDR platform out there to integrate, endpoint, network and cloud.
2- Integrations with other firewalls: Cortex XDR can integrate checkpoint, fortigate and cisco ASA logs.
3- Licensing model: You can start with EPP (Prevent), PRO for endpoint (EDR + other features), and PRO for network (integrate fw/cloud) using the same cloud platform.
I believe that the best way is to see both product by yourself. Let me know if you are interested to see Cortex XDR PRO, we can schedule a call. We have some clients in Brazil (assuming that based in your title).
Regards,
Edwardo