Try our new research platform with insights from 80,000+ expert users

Cortex XDR by Palo Alto Networks vs Intercept X Endpoint comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
7.7
Cortex XDR secures data, reduces malware, lowers costs, and replaces systems, enhancing user satisfaction and operational efficiency.
Sentiment score
6.5
Intercept X Endpoint is praised for its cost-effectiveness, ransomware protection, strategic impact, and overall network security satisfaction.
They appreciate the rich telemetry data from the solution, as it provides in-depth threat identification.
I have seen a return on investment with Cortex XDR by Palo Alto Networks, as this product is offered at a minimal cost, and we can find a good ROI from it.
 

Customer Service

Sentiment score
6.6
Cortex XDR support is praised for responsiveness but criticized for delayed responses and knowledge gaps in certain regions.
Sentiment score
6.5
Intercept X Endpoint support is mixed; many praise responsiveness, though some experience delays, especially in sanctioned regions.
Their support is efficient and responsive whenever I raise a ticket through my portal.
Every vendor has similar support; it depends on how the case is handled and raised.
I would rate technical support from Palo Alto on a scale from one to ten as an eight, as I find it good.
There are issues with onboarding technical engineers to resolve problems, which causes delays.
Technical support from Sophos is rated as nine out of ten, which represents high quality.
 

Scalability Issues

Sentiment score
7.6
Cortex XDR offers scalable, efficient data handling across Linux, Mac, and Windows, praised for simplifying large enterprise management.
Sentiment score
7.6
Intercept X Endpoint is praised for its scalability, ease of deployment, and adaptability for businesses of all sizes.
The tool's scalability is good, and I would rate it an eight out of ten.
 

Stability Issues

Sentiment score
8.0
Cortex XDR is praised for its stability and reliability, with minor issues noted but generally offering seamless protection.
Sentiment score
8.0
Intercept X Endpoint is stable and reliable, though some report occasional issues with updates and high resource usage.
Cortex XDR is stable, offering high quality and reliable performance.
For the last 11 months, we haven't faced any outage issues, so it is a stable product.
To improve Intercept X Endpoint performance, upgrades in RAM and other system features are needed.
In terms of stability, I would rate Intercept X Endpoint an eight out of ten.
 

Room For Improvement

Cortex XDR struggles with integration, high memory, false positives, limited features, complex setup, and lacks enhanced support and customization.
Intercept X Endpoint needs enhancements in user management, integration, performance, customization, and support, while addressing high resource consumption.
If the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better.
The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products.
Cortex XDR could improve its sales support team, including better commission structures and referral programs.
There should be a profile where I can see what files Sophos is scanning.
Intercept X Endpoint sometimes slows down machines due to high CPU utilization and significant RAM consumption during scanning.
There is a licensing issue with Intercept X Endpoint; these licenses are user-based, and most of our customers require per-device licenses because they use one PC for multiple accounts, which presents a problem.
 

Setup Cost

Enterprise buyers view Cortex XDR as expensive yet flexible, offering scalable licensing with varying costs based on features and users.
Intercept X Endpoint pricing varies by deployment, offering annual plans with discounts and flexible payments, valued for robust features.
Cortex XDR is perceived as expensive by some customers, yet offers dynamic pricing.
Compared to competitors such as CrowdStrike and Sophos, the pricing of Cortex XDR by Palo Alto Networks is similar to CrowdStrike but more expensive than Sophos.
The pricing of Intercept X Endpoint is a bit high.
I would describe it as economical, but not much cheaper than other solutions.
 

Valuable Features

Cortex XDR excels in cybersecurity with advanced detection, ease of use, and integration, offering scalable, efficient threat management.
Sophos Intercept X Endpoint provides AI-driven security, centralized management, easy setup, and cost-effective protection with advanced threat detection.
It incorporates AI for normal behavior detection, distinguishing unusual operations.
The product provides automation responses in case of a threat attack, severity assessments, centralized manageability, and comprehensive compliance features, resulting in reduced costs.
If a user doesn't click any link within 30 days and on the 31st day clicks a new link, Cortex XDR immediately alerts us that this user has clicked on an uncommon link or their behavior is uncommon.
Its AI algorithms provide excellent protection against attackers.
Intercept X Endpoint is the only endpoint security product I know that provides content filtering and application controls.
Intercept X Endpoint has been stable, and I appreciate the centralized management and the reporting feature.
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Ranking in Endpoint Protection Platform (EPP)
4th
Ranking in Extended Detection and Response (XDR)
7th
Ranking in Ransomware Protection
2nd
Average Rating
8.4
Reviews Sentiment
7.4
Number of Reviews
91
Ranking in other categories
AI-Powered Cybersecurity Platforms (4th)
Intercept X Endpoint
Ranking in Endpoint Protection Platform (EPP)
10th
Ranking in Extended Detection and Response (XDR)
11th
Ranking in Ransomware Protection
3rd
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
106
Ranking in other categories
Endpoint Detection and Response (EDR) (11th), ZTNA (8th), Managed Detection and Response (MDR) (7th)
 

Mindshare comparison

As of July 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.7%, down from 4.9% compared to the previous year. The mindshare of Intercept X Endpoint is 1.6%, down from 3.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP)
 

Featured Reviews

NiteshSharma - PeerSpot reviewer
Automated threat response and behavioral control improve security measures
I recommend adding a data loss prevention (DLP ( /categories/data-loss-prevention-dlp )) solution to Cortex XDR ( /categories/extended-detection-and-response-xdr ) by Palo Alto Networks. The inclusion of this feature would allow the application of DLP ( /categories/data-loss-prevention-dlp ) policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products. Additionally, multi-tenancy and multi-cloud features are not available and should be considered for inclusion.
Suwandhi Suraweera - PeerSpot reviewer
Offers advanced filtering features and benefits from improved licensing and performance
There is a licensing issue with Intercept X Endpoint. Their licenses are user-based. Most of our customers use per device licenses, and they need per device licenses because they use one PC for multiple accounts. This creates a problem. There was one customer who complained about the slowness of PCs using Intercept X Endpoint. They use minor performance PCs, which causes their PCs to become slow.
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
859,687 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
14%
Financial Services Firm
9%
Manufacturing Company
8%
Government
7%
Computer Software Company
18%
Manufacturing Company
7%
Comms Service Provider
6%
Financial Services Firm
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
How does Crodwstrike Falcon compare with Sophos Intercept X?
I like that Crowdstrike Falcon allows me to easily correlate data between my firewalls. Its detection and machine learning are very valuable features. Crowdstrike Falcon also successfully prevents ...
What is your experience regarding pricing and costs for Sophos Intercept X?
I would describe it as economical, but not much cheaper than other solutions.
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Sophos Intercept X
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Flexible Systems
Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. Intercept X Endpoint and other solutions. Updated: June 2025.
859,687 professionals have used our research since 2012.