Cortex XDR by Palo Alto Networks vs Microsoft Defender for Cloud comparison

Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. Microsoft Defender for Cloud and other solutions. Updated: January 2022.
566,121 professionals have used our research since 2012.
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
Cortex XDR by Palo Alto Networks:
  • "Cortex XDR can integrate the firewalls and determine the tendencies of the attacks. It's a new generation antivirus, with protection endpoints and detection response. It is very easy to use and everybody can operate the solution."
  • "They did what they said. This solution could apply to any scenario."
  • "Being a cloud solution it is very flexible in serving internal and external connections and a broad range of devices."
  • "The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly. The way they have done everything and integrated all the solutions that they've purchased over the years to make it a very seamless, effective product is very good. One thing about Palo Alto is that they take the products or services that they purchase and make them seamless for the end user as compared to some companies that purchase other companies and then just kind of have their products off to the side or keep different interfaces. Palo Alto doesn't do that."
  • "It collects and caches and the knowledge of machine learning from different customers to take to the cloud. It makes it better to use for everybody. It allows for quick learning and updates and can, therefore, offer zero-day malware security. This sharing of metadata helps make the solution very safe."
  • "The protection offered by this product is good, as is the endpoint reporting."
  • "The integrations are out-of-the-box, as are the playbooks."
  • "Its ability to react to cyber data attacks is awesome. That is pretty much the use of it. What blows your mind is the ability to access your assets remotely and see what is actually going on with them. You can not only see them in a console. You can also react very rapidly to your assets that are compromised."

Microsoft Defender for Cloud:
  • "The integration with Logic Apps allows for automated responses to incidents."
  • "The solution is very easy to deploy."
  • "It is very intuitive when it comes to policy administration, alerts and notifications, and ease of setting up roles at different hierarchies. It has also been good in terms of the network technology maps. It provides a good overview, but it also depends on the complexity of your network."
  • "This is a platform as a service provided by Azure. We don't need to install or maintain Azure Security Center. It is a ready-made service available in Azure. This is one of the main things that we like. If you look at similar tools, we have to install, maintain, and update services. Whereas, Azure Security Center manages what we are using. This is a good feature that has helped us a lot."
  • "It takes very little effort to integrate it. It also gives very good visibility into what exactly is happening."
  • "The most valuable features of this solution are the vulnerability assessments and the glossary of compliance."
  • "It helps you to identify the gaps in your solution and remediate them. It produces a compliance checklist against known standards such as ISO 27001, HIPAA, iTrust, etc."
  • "It's quite a good product. It helps to understand the infections and issues you are facing."

Cons
Cortex XDR by Palo Alto Networks:
  • "It is not easy to sell Cortex XDR, not because it isn't a good tool. Its marketing needs to be improved."
  • "I would like to see better protection, specifically to protect email applications."
  • "Cortex XDR is trickier to configure than other Palo Alto products. This is one area where we are not so satisfied."
  • "It is not very strong in terms of endpoint management. It should have additional features like DLP, encryption, or advanced device control. Currently, Cortex is good in terms of the security of the endpoints, but it is not as good as other vendors in terms of the management of the endpoint."
  • "The installation should be easier and the Palo Alto pre-sales and sales teams should have more information on the product because they don't know what they are selling."
  • "Impact on system performance is horrible, adding a lot of delays for users."
  • "Data privacy is a matter of concern. You have to be careful with data privacy, it can be sensitive and Cortex can have most of your access."
  • "A little bit more automation would be nice."

Microsoft Defender for Cloud:
  • "The overview provides you with good information, but if you want more details, there is a lot more customization to do, which requires knowledge of the other supporting solutions."
  • "The documentation and implementation guides could be improved."
  • "You cannot create custom use cases."
  • "If a customer is already using Okta as an SSO in its entire environment, they will want to continue with it. But Security Center doesn't understand that and keeps making recommendations. It would help if it let us resolve a recommendation, even if it is not implemented."
  • "There is no perfect product in the world and there are always features that can be added."
  • "Azure Security Center takes a long time to update, compared to the on-premises version of Microsoft Defender."
  • "When you work with it, the only problem that we're struggling with is that we have 21 different subscriptions we're trying to apply security to. It's impossible to keep everything organized."
  • "The solution could improve by being more intuitive and easier to use requiring less technical knowledge."

Pricing and Cost Advice
Cortex XDR by Palo Alto Networks:
  • "The pricing is a little high. It is per user per year."
  • "We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
  • "This is an expensive solution."
  • "Its pricing is kind of in line with its competitors and everybody else out there."
  • "Every customer has to pay for a license because it doesn't work with what you get from a managed services provider."
  • "The pricing is okay, although direct support can be expensive."
  • "Our customers have expressed that the price is high."
  • "It's about $55 per license on a yearly basis."

Microsoft Defender for Cloud:
  • "I'm not privy to that information, but I know it's probably close to a million dollars a year."
  • "We are using the free version of the Azure Security Center."
  • "Azure Defender is a bit pricey. The price could be lower."
  • "This is a worldwide service and depending on the country, there will be different prices."
  • "Security Center charges $15 per resource for any workload that you onboard into it. They charge per VM or per database server or per application. It's not like Microsoft 365 licensing, where there are levels like E3 and E5. Security Center is pretty straightforward."
  • "There is a helpful cost-reducing option that allows you to integrate production subscriptions with non-production subscriptions."
  • "Its pricing is a little bit high in terms of Azure Security Center, but the good thing is that we don't need to maintain and deploy it. So, while the pricing is high, it is native to Azure which is why we prefer using this tool."
  • "I am not involved in this area. However, I believe its price is okay because even small customers are using Azure Security Center. I don't think it is very expensive."

    Questions from the Community
    Top Answer: 
    Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to… more »
    Top Answer: 
    Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and CrowdStrike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers… more »
    Top Answer: 
    Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-based… more »
    Top Answer: 
    Azure Security Center is very easy to use, integrates well, and gives very good visibility on what is happening across your ecosystem. It also has great remote workforce capabilities and supports a… more »
    Top Answer: 
    The integration with Logic Apps allows for automated responses to incidents.
    Top Answer: 
    This is a worldwide service and depending on the country, there will be different prices. There is a price calculator for Azure Services. You select the service that you are interested in, and the… more »
    Ranking
    Cortex XDR by Palo Alto Networks: Views 39,205; Comparisons 28,401; Reviews 26; Average Words per Review 449; Rating 8.3
    Microsoft Defender for Cloud: Views 6,127; Comparisons 4,421; Reviews 24; Average Words per Review 1,033; Rating 8.1
    Also Known As
    Cortex XDR by Palo Alto Networks: Cyvera, Cortex XDR, Palo Alto Networks Traps
    Microsoft Defender for Cloud: Microsoft Azure Security Center, Azure Security Center, Microsoft ASC, Azure Defender
    Overview

    Cortex XDR by Palo Alto Networks is the first threat detection and response software to combine both visibility across all types of data as well as autonomous machine learning analytics. Threat detection very often requires analysts to divide their attention among many different data streams. This platform unifies a vast variety of data flows, which allows analysts to assess threats from a single location. Users can now maintain a level of visibility that other threat detection programs simply cannot offer. This level of transparency lends itself to both quick identification of problems that arise and the equally quick development of a potential solution.

    Cortex XDR’s machine learning works on many different levels to detect and prevent threats. It is constantly scanning for threats and vulnerabilities. The solution can scan up to 5.4 billion IP addresses in three-quarters of an hour. This allows it to spot weak points in the system and notify administrators long before hackers can take advantage of vulnerabilities. Once the Artificial Intelligence (AI) discovers an issue or an area where an issue could potentially take place the system creates a log of the information and subsequently sends an alert to system administrators. The AI takes the information that it has gathered and uses it to assign threat levels to the issues that it detects. Following this, a human analyst will be assigned to manually assess the issue and deal with it accordingly. You can set it to automatically respond to the threat by isolating the issue while analysts investigate it.

    Benefits of Cortex XDR

    Some of Cortex XDR’s benefits include:

    • The use of advanced AI analytics, behavior analytics, and custom-made detection to detect advanced threats before they occur.
    • The ability to group similar threat alerts, reducing incoming alerts by as much as 98%. This allows analysts to avoid being overwhelmed by the volume of incoming alerts.
    • The ability to investigate threats as much as 8 times faster than would be possible with other software. The machine learning, when coupled with the unified data stream that Cortex XDR collects, significantly increases the ability to more quickly discover the root cause of a threat.

    Reviews from Real Users

    Cortex XDR by Palo Alto Networks software stands out among its competitors for a number of reasons. Two major ones are its ability to isolate threats while enabling them to be studied and the way that the software combines all of the data that it gathers into a single, more complete picture than other solutions offer.

    PeerSpot users note the effectiveness of these features. A network designer at a computer software company wrote, “The solution has a very helpful isolation feature. If any system gets compromised, with one click I can access the system and isolate it from other networks, and then go into further forensic investigation of the current threat without compromising anything else.”

    Jeff W., Vice President/CTO at Sinnott Wolach Technology Group, noted, “The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly.”



    Microsoft Defender for Cloud protects your Azure and hybrid resources. Microsoft uses a wide variety of physical, infrastructure, and operational controls to help secure Azure—but there are additional actions you need to take to help safeguard your workloads. Turn on Azure Security Center to strengthen your cloud security posture. Within Azure Security Center, use Azure Defender to protect your hybrid cloud workloads. With Azure Security Center, you can:

    - Assess and visualize the security state of your resources in Azure, on-premises, and in other clouds with Azure Secure Score

    - Simplify enterprise compliance and view your compliance against regulatory requirements

    - Protect all your hybrid cloud workloads with Azure Defender, which is integrated with Security Center

    - Use AI and automation to cut through false alarms, quickly identify threats, and streamline threat investigation

    To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.

    Sample Customers
    Cortex XDR by Palo Alto Networks: CBI Health Group, University Honda, VakifBank
    Microsoft Defender for Cloud is trusted by companies such as ASOS, Vattenfall, SWC Technology Partners, and more.
    Top Industries
    Cortex XDR by Palo Alto Networks
    REVIEWERS: Computer Software Company 19%, Financial Services Firm 11%, Consumer Goods Company 11%, Healthcare Company 7%
    VISITORS READING REVIEWS: Computer Software Company 24%, Comms Service Provider 23%, Government 7%, Energy/Utilities Company 4%
    Microsoft Defender for Cloud
    REVIEWERS: Computer Software Company 29%, Consumer Goods Company 14%, Retailer 7%, Insurance Company 7%
    VISITORS READING REVIEWS: Computer Software Company 31%, Comms Service Provider 18%, Financial Services Firm 6%, Insurance Company 5%
    Company Size
    Cortex XDR by Palo Alto Networks
    REVIEWERS: Small Business 46%, Midsize Enterprise 20%, Large Enterprise 34%
    VISITORS READING REVIEWS: Small Business 37%, Midsize Enterprise 16%, Large Enterprise 47%
    Microsoft Defender for Cloud
    REVIEWERS: Small Business 29%, Midsize Enterprise 8%, Large Enterprise 63%

    Cortex XDR by Palo Alto Networks is ranked 1st in Extended Detection and Response (XDR) with 35 reviews while Microsoft Defender for Cloud is ranked 2nd in Extended Detection and Response (XDR) with 24 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of Cortex XDR by Palo Alto Networks writes "Has a centralized console and does predictive analysis of malware". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides good recommendations and makes policy administration easy". Cortex XDR by Palo Alto Networks is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne, Symantec End-User Endpoint Security and Trend Micro Apex One, whereas Microsoft Defender for Cloud is most compared with Prisma Cloud by Palo Alto Networks, Amazon GuardDuty, Trend Micro XDR, Trend Micro Cloud One Workload Security and Check Point CloudGuard Posture Management. See our Cortex XDR by Palo Alto Networks vs. Microsoft Defender for Cloud report.

    We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.