"Cortex XDR can integrate the firewalls and determine the tendencies of the attacks. It's a new generation antivirus, with protection endpoints and detection response. It is very easy to use and everybody can operate the solution."
"They did what they said. This solution could apply to any scenario."
"Being a cloud solution, it is very flexible in serving internal and external connections and a broad range of devices."
"The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly. The way they have done everything and integrated all the solutions that they've purchased over the years to make it a very seamless, effective product is very good. One thing about Palo Alto is that they take the products or services that they purchase and make them seamless for the end user as compared to some companies that purchase other companies and then just kind of have their products off to the side or keep different interfaces. Palo Alto doesn't do that."
"It collects and caches and the knowledge of machine learning from different customers to take to the cloud. It makes it better to use for everybody. It allows for quick learning and updates and can, therefore, offer zero-day malware security. This sharing of metadata helps make the solution very safe."
"The protection offered by this product is good, as is the endpoint reporting."
"The integrations are out-of-the-box, as are the playbooks."
"Its ability to react to cyber data attacks is awesome. That is pretty much the use of it. What blows your mind is the ability to access your assets remotely and see what is actually going on with them. You can not only see them in a console. You can also react very rapidly to your assets that are compromised."
"The integration with Logic Apps allows for automated responses to incidents."
"The solution is very easy to deploy."
"It is very intuitive when it comes to policy administration, alerts and notifications, and ease of setting up roles at different hierarchies. It has also been good in terms of the network technology maps. It provides a good overview, but it also depends on the complexity of your network."
"This is a platform as a service provided by Azure. We don't need to install or maintain Azure Security Center. It is a ready-made service available in Azure. This is one of the main things that we like. If you look at similar tools, we have to install, maintain, and update services. Whereas, Azure Security Center manages what we are using. This is a good feature that has helped us a lot."
"It takes very little effort to integrate it. It also gives very good visibility into what exactly is happening."
"The most valuable features of this solution are the vulnerability assessments and the glossary of compliance."
"It helps you to identify the gaps in your solution and remediate them. It produces a compliance checklist against known standards such as ISO 27001, HIPAA, iTrust, etc."
"It's quite a good product. It helps to understand the infections and issues you are facing."
"It is not easy to sell Cortex XDR, not because it isn't a good tool. Its marketing needs to be improved."
"I would like to see better protection, specifically to protect email applications."
"Cortex XDR is trickier to configure than other Palo Alto products. This is one area where we are not so satisfied."
"It is not very strong in terms of endpoint management. It should have additional features like DLP, encryption, or advanced device control. Currently, Cortex is good in terms of the security of the endpoints, but it is not as good as other vendors in terms of the management of the endpoint."
"The installation should be easier and the Palo Alto pre-sales and sales teams should have more information on the product because they don't know what they are selling."
"Impact on system performance is horrible, adding a lot of delays for users."
"Data privacy is a matter of concern. You have to be careful with data privacy; it can be sensitive, and Cortex can have most of your access."
"A little bit more automation would be nice."
"The overview provides you with good information, but if you want more details, there is a lot more customization to do, which requires knowledge of the other supporting solutions."
"The documentation and implementation guides could be improved."
"You cannot create custom use cases."
"If a customer is already using Okta as an SSO in its entire environment, they will want to continue with it. But Security Center doesn't understand that and keeps making recommendations. It would help if it let us resolve a recommendation, even if it is not implemented."
"There is no perfect product in the world and there are always features that can be added."
"Azure Security Center takes a long time to update, compared to the on-premises version of Microsoft Defender."
"When you work with it, the only problem that we're struggling with is that we have 21 different subscriptions we're trying to apply security to. It's impossible to keep everything organized."
"The solution could improve by being more intuitive and easier to use, requiring less technical knowledge."
Cortex XDR by Palo Alto Networks is the first threat detection and response software to combine visibility across all types of data with autonomous machine learning analytics. Threat detection very often requires analysts to divide their attention among many different data streams. This platform unifies a vast variety of data flows, which allows analysts to assess threats from a single location. Users can now maintain a level of visibility that other threat detection programs simply cannot offer. This level of transparency lends itself both to quick identification of problems that arise and to the equally quick development of a potential solution.
Cortex XDR’s machine learning works on many different levels to detect and prevent threats. It is constantly scanning for threats and vulnerabilities. The solution can scan up to 5.4 billion IP addresses in three-quarters of an hour. This allows it to spot weak points in the system and notify administrators long before hackers can take advantage of vulnerabilities. Once the artificial intelligence (AI) discovers an issue, or an area where an issue could potentially take place, the system creates a log of the information and sends an alert to system administrators. The AI then uses the information it has gathered to assign threat levels to the issues it detects. Following this, a human analyst is assigned to manually assess the issue and deal with it accordingly. You can also set it to respond to the threat automatically by isolating the issue while analysts investigate it.
Benefits of Cortex XDR
Some of Cortex XDR’s benefits include:
Reviews from Real Users
Cortex XDR by Palo Alto Networks software stands out among its competitors for a number of reasons. Two major ones are its ability to isolate threats while enabling them to be studied and the way that the software combines all of the data that it gathers into a single, more complete picture than other solutions offer.
PeerSpot users note the effectiveness of these features. A network designer at a computer software company wrote, “The solution has a very helpful isolation feature. If any system gets compromised, with one click I can access the system and isolate it from other networks, and then go into further forensic investigation of the current threat without compromising anything else.”
Jeff W., Vice President/CTO at Sinnott Wolach Technology Group, noted, “The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly.”
Microsoft Defender for Cloud protects your Azure and hybrid resources. Microsoft uses a wide variety of physical, infrastructure, and operational controls to help secure Azure—but there are additional actions you need to take to help safeguard your workloads. Turn on Azure Security Center to strengthen your cloud security posture. Within Azure Security Center, use Azure Defender to protect your hybrid cloud workloads. With Azure Security Center, you can:
- Assess and visualize the security state of your resources in Azure, on-premises, and in other clouds with Azure Secure Score
- Simplify enterprise compliance and view your compliance against regulatory requirements
- Protect all your hybrid cloud workloads with Azure Defender, which is integrated with Security Center
- Use AI and automation to cut through false alarms, quickly identify threats, and streamline threat investigation
To learn more about our solution, ask questions, and share feedback, join our Microsoft Security, Compliance and Identity Community.
Cortex XDR by Palo Alto Networks is ranked 1st in Extended Detection and Response (XDR) with 35 reviews while Microsoft Defender for Cloud is ranked 2nd in Extended Detection and Response (XDR) with 24 reviews. Cortex XDR by Palo Alto Networks is rated 8.4, while Microsoft Defender for Cloud is rated 8.0. The top reviewer of Cortex XDR by Palo Alto Networks writes "Has a centralized console and does predictive analysis of malware". On the other hand, the top reviewer of Microsoft Defender for Cloud writes "Provides good recommendations and makes policy administration easy". Cortex XDR by Palo Alto Networks is most compared with CrowdStrike Falcon, Microsoft Defender for Endpoint, SentinelOne, Symantec End-User Endpoint Security and Trend Micro Apex One, whereas Microsoft Defender for Cloud is most compared with Prisma Cloud by Palo Alto Networks, Amazon GuardDuty, Trend Micro XDR, Trend Micro Cloud One Workload Security and Check Point CloudGuard Posture Management.
We monitor all Extended Detection and Response (XDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.