Try our new research platform with insights from 80,000+ expert users

Cortex XDR by Palo Alto Networks vs LogRhythm UEBA comparison

Palo Alto Networks and LogRhythm are both solutions in the Extended Detection and Response (XDR) category. Palo Alto Networks is ranked #7 with an average rating of 8.7, while LogRhythm is ranked #25 with an average rating of 7.0. Palo Alto Networks holds a 5.6% mindshare in XDR, compared to LogRhythm’s 1.1% mindshare. Additionally, 95% of Palo Alto Networks users are willing to recommend the solution, compared to 55% of LogRhythm users who would recommend it.
Cortex XDR by Palo Alto Net...
Read 90 Cortex XDR by Palo Alto Networks reviews
  • 7,883 Views
  • 4,799 Comparison Views
95% willing to recommend
LogRhythm UEBA
Read 11 LogRhythm UEBA reviews
  • 889 Views
  • 752 Comparison Views
55% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 8, 2024

Cortex XDR by Palo Alto Networks and LogRhythm UEBA both operate in the cybersecurity category. Cortex XDR is seen favorably for its pricing and support attributes, while LogRhythm UEBA stands out for its extensive feature set, despite its higher cost.

Features: Cortex XDR provides comprehensive threat detection, integrates well with Palo Alto Networks infrastructure, and has competitive pricing. LogRhythm UEBA offers advanced user behavior analytics, extensive threat intelligence, and a rich feature set tailored for complex environments.

Room for Improvement: Cortex XDR could improve its integration with non-Palo Alto Networks systems, enhance its reporting features, and increase customization options. LogRhythm UEBA may benefit from better scalability, more intuitive configuration, and enhanced integration capabilities.

Ease of Deployment and Customer Service: Cortex XDR offers streamlined deployment within the Palo Alto Networks ecosystem and responsive customer service. LogRhythm UEBA, although presenting a more challenging initial setup, is backed by thorough customer support that effectively addresses user concerns.

Pricing and ROI: Cortex XDR is noted for its competitive pricing, providing a strong cost-to-benefit ratio. LogRhythm UEBA, while more costly initially, offers significant ROI with its advanced analytic features, meeting the needs of users seeking detailed behavioral insights.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Cortex XDR by Palo Alto Networks vs. LogRhythm UEBA Report (Updated: April 2025).
Buyer's Guide
Cortex XDR by Palo Alto Networks vs. LogRhythm UEBA
April 2025
Download the complete report
Helped 849,686 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Ranking in Extended Detection and Response (XDR)
7th
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
90
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (4th)
LogRhythm UEBA
Ranking in Extended Detection and Response (XDR)
25th
Average Rating
7.0
Reviews Sentiment
6.7
Number of Reviews
11
Ranking in other categories
User Entity Behavior Analytics (UEBA) (11th)
 

Mindshare comparison

As of May 2025, in the Extended Detection and Response (XDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 5.6%, down from 6.5% compared to the previous year. The mindshare of LogRhythm UEBA is 1.1%, up from 0.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR)
 

Featured Reviews

Mohammad Qaw - PeerSpot reviewer
Perfect correlation and XDR capabilities for network traffic plus endpoint security
The solution should force customers to integrate with network traffic to see the full benefits of XDR. If you are not integrating it or feeding in your network traffic, then you are just buying a normal antivirus which doesn't make any sense. You are paying double the price to use the antivirus feature or to say you have XDR, but in reality you are not using it. The solution should include an on-premises option because some customers want only on-premises. It would be hard, but good to do if possible. Open XDR would be beneficial in the future. Right now, the solution is Closed XDR so cannot communicate with the few new vendors in the Open XDR market.
Read full review
Sheikh Abu Ayub Azad - PeerSpot reviewer
Great at managing cyber incidents; the technical support could be improved
The initial setup is easy, partly because LogRhythm is primarily based on the Windows platform. It's good to have two engineers for deployment but it can be done with one. It's more about the knowledge. Deployment is typically done in two or three different phases. It usually takes up to three full months to get good deployment. There's the initial onboarding of all the log sources, then collecting data in the data lake, followed a couple of weeks later with some minor tuning before the final tuneup.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"If any application performs suspicious activities, such as changing registries or modifying other applications, Cortex XDR detects and blocks the entire application."
"If the user leaves our premises or network, Palo Alto Traps will still be on that endpoint and will still apply our policies."
"The most valuable feature of Cortex XDR by Palo Alto Networks is its machine-learning capabilities. Additionally, there is full integration with other solutions."
"It integrates well into the environment."
"Has great threat detection capabilities."
"The solution allows control over the user and his machine through Cortex XDR security policies."
"The information the dashboard provides is very clear."
"The integrations are out-of-the-box, as are the playbooks."
More Cortex XDR by Palo Alto Networks pros
"LogRhythm UEBA’s best feature is the dashboard. It provides several graphs, charts, and event logs."
"The solution's most valuable features are the graphical user interface and the reporting."
"The most valuable features are file activity monitoring and registry activity monitoring."
"It is easy to monitor users and that is how the solution is adding value to our firm."
"I typically use the product for reducing cyber risk, and I can investigate attacks more quickly using machine learning tools."
"The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance, it can detect unusual user logins, such as a user logging in from a new browser or location."
"Good capability pinpointing specific cyber incidents."
"I can investigate attacks more quickly using machine learning tools."
More LogRhythm UEBA pros
 

Cons

"It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue."
"Cortex XDR should have a lightweight agent, and the agent size should not be heavy."
"Although I would say this product is highly-rated, it could probably do more because nothing does everything that you want."
"The solution should add unwanted malicious hash values to a block list so that whenever the action is triggered, it will automatically prevent the malicious content."
"It'll help if customization was easier."
"It takes time to scan the servers and devices."
"The solution should force customers to integrate with network traffic to see the full benefits of XDR."
"It is not very strong in terms of endpoint management. It should have additional features like DLP, encryption, or advanced device control. Currently, Cortex is good in terms of the security of the endpoints, but it is not as good as other vendors in terms of the management of the endpoint."
More Cortex XDR by Palo Alto Networks cons
"The on-premises LogRhythm is not very scalable. When considering packets per second or the MPS needed for additional logs such as web application logs, scalability is usually found in cloud products."
"It would be helpful if there were more guidance provided for integrating with unsupported devices."
"It should have better mitigation with other solutions and be tightly integrated with other solutions. It has to be improved."
"LogRhythm UEBA's data aggregation needs to be improved. Open-source users do not have much documentation available. Documentation is available only for enterprise users."
"The product could be user-friendly for someone who doesn’t have any prior experience working with it."
"The product should improve its dashboards. Splunk has neat dashboards. Additionally, we would like to enhance the use cases provided by LogRhythm as its use case library is not as extensive as other tools. Its machine-learning capabilities need to improve when compared to other solutions. It lacks risk quantification in a single, transparent view for individuals such as CSOs."
"The UI could be improved a little bit."
"What needs improvement in LogRhythm UEBA is the pricing. Here in Asia, for example, in Sri Lanka, pricing is the primary concern, and this is the only area for improvement I see in the product."
More LogRhythm UEBA cons
 

Pricing and Cost Advice

"I feel it is fairly priced."
"It has reasonable pricing for the use cases it provides to the company."
"The price of the solution could be reduced. I have customers that have voiced that the solution is good for the value but if I want to sell more of the solution the price reduction would help."
"The pricing seems fair, and I do like the licensing model. You use wherever they are, and it is elastic."
"Every customer has to pay for a license because it doesn't work with what you get from a managed services provider."
"Licensing for Palo Alto Networks Cortex XDR can be costly, especially when it comes to a hundred users. A license is required for each user, and the subscription must be renewed on a yearly basis."
"The cost depends on your chosen license type, like Pro or other licenses."
"Compared to CrowdStrike, Cortex XDR is an expensive solution."
More Cortex XDR by Palo Alto Networks pricing and cost advice
"It is quite a budget-friendly product."
"As LogRhythm UEBA is pretty expensive, I'd give its pricing a seven out of ten."
"I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive."
"Licensing is on a yearly basis. It's not expensive compared to its competitors."
"The pricing is nice when compared to other products in the industry."
"LogRhythm UEBA's pricing is affordable for small and medium businesses."
report
See which vendors are best for you
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
See recommendations
849,686 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
9%
Manufacturing Company
7%
Government
7%
Computer Software Company
18%
Financial Services Firm
11%
Manufacturing Company
9%
Real Estate/Law Firm
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
See all answers
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
See all answers
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
See all answers
What do you like most about LogRhythm UserXDR?
The solution is useful for privilege accounts and super admin accounts. It is beneficial from a security perspective. The tool uses machine learning rather than threshold-based alerts. For instance...
See all answers
What is your experience regarding pricing and costs for LogRhythm UserXDR?
I rate the product's pricing a three out of ten. However, the cloud version is expensive. You need to hire professional services for deployment and migrations, which can be expensive.
See all answers
What needs improvement with LogRhythm UserXDR?
In general, if something needs to be improved in the algorithm, it would be the dashboards. The dashboards with solutions such as Splunk are very neat and clean. I would also like to improve the us...
See all answers
 

Comparisons

Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Compared 12% of the time
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Compared 7% of the time
Darktrace vs Cortex XDR by Palo Alto Networks Logo
Darktrace vs Cortex XDR by Palo Alto Networks
Compared 5% of the time
Wazuh vs Cortex XDR by Palo Alto Networks Logo
Wazuh vs Cortex XDR by Palo Alto Networks
Compared 5% of the time
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks Logo
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks
Compared 4% of the time
More Cortex XDR by Palo Alto Networks Competitors
Wazuh vs LogRhythm UEBA Logo
Wazuh vs LogRhythm UEBA
Compared 45% of the time
Darktrace vs LogRhythm UEBA Logo
Darktrace vs LogRhythm UEBA
Compared 20% of the time
Microsoft Purview Insider Risk Management vs LogRhythm UEBA Logo
Microsoft Purview Insider Risk Management vs LogRhythm UEBA
Compared 8% of the time
CrowdStrike Falcon vs LogRhythm UEBA Logo
CrowdStrike Falcon vs LogRhythm UEBA
Compared 6% of the time
Trend Vision One vs LogRhythm UEBA Logo
Trend Vision One vs LogRhythm UEBA
Compared 6% of the time
More LogRhythm UEBA Competitors
 

Product Reports

Buyer's Guide
Cortex XDR by Palo Alto Networks
April 2025
Cortex XDR by Palo Alto Networks reportDownload Cortex XDR by Palo Alto Networks product report
Buyer's Guide
User Entity Behavior Analytics (UEBA)
April 2025
LogRhythm UEBA reportDownload LogRhythm UEBA product report
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
LogRhythm UserXDR, LogRhythm Enterprise UEBA
 

Overview

Cortex XDR by Palo Alto Networks delivers comprehensive endpoint security, integrating well with other systems to offer robust threat detection and real-time protection through AI-driven analytics.

Cortex XDR by Palo Alto Networks offers advanced endpoint protection and threat detection through AI and behavior-based analytics. Its user-friendly design simplifies integration with firewalls, delivering multi-layered protection with low resource consumption. Valued for policy management, USB control, and incident correlation, Cortex XDR enhances threat management and real-time threat hunting capabilities. However, users note challenges with third-party integration, reporting, and dashboard automation. Agent performance across operating systems and memory consumption are areas for improvement, alongside reducing false positives and simplifying endpoint management and setup.

What features does Cortex XDR offer?
  • Behavior-Based Detection: Analyzes user behavior to identify suspicious activities.
  • AI Analytics: Utilizes AI for accurate threat detection and response.
  • Real-Time Protection: Provides immediate defense against threats.
  • Policy Management: Allows customization of security policies across endpoints.
  • USB Control: Regulates USB device access for added security.
  • Incident Correlation: Connects and analyzes various security events for better response.
  • Firewall Integration: Seamlessly works with firewalls for enhanced security.
  • Machine Learning Capabilities: Continuously improves threat detection precision.
What benefits should be considered in reviews?
  • Low Resource Consumption: Efficient security functions without taxing system resources.
  • Multi-Layered Protection: Comprehensive security across multiple attack vectors.
  • User-Friendly Interface: Intuitive design for easier management.
  • Enhanced Threat Management: Identifies and mitigates threats effectively.
  • Real-Time Threat Hunting: Proactively searches for and mitigates potential threats.

Cortex XDR is crucial in industries requiring robust endpoint protection, such as finance, healthcare, and technology. It supports malware detection, behavioral analysis, and ransomware mitigation across endpoints, including remote work environments, providing comprehensive threat visibility and security policy management. The solution's integration with firewalls and specialized industry requirements enhances security posture in diverse operational settings.

Palo Alto Networks

LogRhythm UEBA enables your security team to quickly and effectively detect, respond to, and neutralize both known and unknown threats. Providing evidence-based starting points for investigation, it employs a combination of scenario analytics techniques (e.g., statistical analysis, rate analysis, trend analysis, advanced correlation), and both supervised and unsupervised machine learning (ML).

LogRhythm
 

Sample Customers

CBI Health Group, University Honda, VakifBank
Information Not Available
Buyer's Guide
Cortex XDR by Palo Alto Networks vs. LogRhythm UEBA
April 2025
Free Report: Cortex XDR by Palo Alto Networks vs. LogRhythm UEBA
Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. LogRhythm UEBA and other solutions. Updated: April 2025.
DOWNLOAD NOW
849,686 professionals have used our research since 2012.
See our Cortex XDR by Palo Alto Networks vs. LogRhythm UEBA report.
See our list of best Extended Detection and Response (XDR) vendors.

We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.