Try our new research platform with insights from 80,000+ expert users

Cortex XDR by Palo Alto Networks vs Tanium comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 16, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Ranking in Endpoint Protection Platform (EPP)
5th
Ranking in Endpoint Detection and Response (EDR)
9th
Average Rating
8.4
Reviews Sentiment
7.3
Number of Reviews
92
Ranking in other categories
Extended Detection and Response (XDR) (7th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (4th)
Tanium
Ranking in Endpoint Protection Platform (EPP)
34th
Ranking in Endpoint Detection and Response (EDR)
30th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
19
Ranking in other categories
Server Monitoring (6th), Vulnerability Management (25th), Unified Endpoint Management (UEM) (11th)
 

Mindshare comparison

As of October 2025, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.7%, down from 4.5% compared to the previous year. The mindshare of Tanium is 2.4%, up from 2.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Market Share Distribution
ProductMarket Share (%)
Cortex XDR by Palo Alto Networks3.7%
Tanium2.4%
Other93.9%
Endpoint Protection Platform (EPP)
 

Featured Reviews

HectorRios - PeerSpot reviewer
Has detected high-risk threats effectively and provides strong behavioral protection
They did well with handling high-risk threats. I would rate Palo Alto support an eight or nine. I would give them an eight because in the majority of cases, we talk with local partners, and only in case of an emergency or a difficult issue, we jump to Palo Alto support. When we had that experience with Palo Alto support, it was nice service, but it was really difficult to get it. To jump from the partner to Palo Alto directly was challenging. I understand that it's part of the service, as the local partner just jumps up to Palo Alto support in case they need it. In some cases, when we faced an important issue, it was preferred to jump directly to Palo Alto to save time.
NitinKushwaha - PeerSpot reviewer
Stable product with an ability to build complex roles
We use Tanium as an EDR solution for managing end-user devices and servers The product is granular and can build complex roles compared to other EDR vendors. Tanium's dashboard UI could be similar to CrowdStrike. We have been using Tanium for two and a half years. The product is stable. I rate…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The live terminal is probably the best thing ever. It gives you the access to get straight onto any machine."
"We can use Cortex XDR to get the entire graph of the incidents from source to destination, and we can take remedial action."
"It's very stable. I've never experienced downtime for the ASM console or ASM core."
"It can automatically correlate events and logs, which is very helpful for an IT administrator. It can correlate different kinds of malware activities over a network, agent, or host system. You do not need to do it manually. It is a good feature. It is also a user-friendly solution. We have deployed it on the cloud because our space does not provide any flexibility for on-premises deployment, but Palo Alto has added some flexibility to install it on-premises. It must be like the same Cortex XDR agent for all the VPN services, web filtering services, and everything else."
"Has great threat detection capabilities."
"Best solution for avoiding security breaches, malware attacks, and other kinds of security issues."
"Stability is one of the features we like the most."
"The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly. The way they have done everything and integrated all the solutions that they've purchased over the years to make it a very seamless, effective product is very good. One thing about Palo Alto is that they take the products or services that they purchase and make them seamless for the end user as compared to some companies that purchase other companies and then just kind of have their products off to the side or keep different interfaces. Palo Alto doesn't do that."
"Tanium's most valuable features are patch management, inventory, and distribution software."
"The solution is scalable and helps to understand how infrastructure works. It helps to improve the health of the organization."
"The solution's technical support is very responsive."
"When I push a quick update, it's done right away, and I can rescan immediately to confirm completion within minutes."
"The interrogation piece was the most valuable feature because it was very detailed."
"The security features are very valuable."
"Tanium has made the process of detecting threats more proactive with its detection. So, the process is easier and more efficient."
"For incident response tasks, all these tasks can get done in minutes with minimal disruption to the end-user."
 

Cons

"It should support more mobile operating systems. That is one of the cons of their infrastructure right now."
"The solution should force customers to integrate with network traffic to see the full benefits of XDR."
"The solution can never really be an on-premises solution based simply on the way it is set up. It needs metadata to run and improve. Having an on-premises solution would cut it off from making improvements."
"They have the worst support, as a company, that I have ever worked with, as they are difficult to get a hold of and keep on the phone. They don't know what they are talking about when you get them on the phone. They don't like to respond to messages when you send them to them. They like to "research problems" for weeks on end, then pass you off to somebody else."
"Every 30 or 40 days, there's a new version and we need to go and make sure our customer's laptops are upgraded."
"The installation should be easier and the Palo Alto pre-sales and sales teams should have more information on the product because they don't know what they are selling."
"When it comes to malware files, it should be a little quick because, at times, it would give a wrong result in the sense of what it might be on malware, even if it still might be a normal one."
"It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc."
"They could improve the UI."
"When working with Tanium, there are some older devices that haven't been patched for a long time, and certain patches are not included in Tanium."
"The most painful thing is the interface. It's a bit unclear sometimes."
"There are some bugs in the product. The tool needs to improve in the area of reporting."
"When working with Tanium, there are some older devices that haven't been patched for a long time, and certain patches are not included in Tanium. I have to search outside to download patches, create bundles, and then perform the task."
"Tanium's limitations should be improved because although it is a great tool, it is limited to only a few classes during a session."
"The solution can give a lot of false positives."
"Tanium’s scalability could be improved."
 

Pricing and Cost Advice

"Traps pays for itself within the first 16 months of a three-year subscription. This is attributed to OPEX savings, as security teams spent less time trying to identify and isolate malware for analysis as a result of a reduction in malware incidents, false positives, and breach avoidance."
"If one wishes to work with another team or large number of users at a future point, he must purchase a license for them."
"The pricing seems fair, and I do like the licensing model. You use wherever they are, and it is elastic."
"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
"It's the most expensive solution, but features-wise, it's quite strong. It's very good for protection, so the results are very good in the case of protection. I would rate it a two out of ten in terms of pricing."
"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."
"I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."
"The solution is expensive but it's a good investment."
"The product's pricing differs from region to region depending on negotiations and the number of endpoints."
"Tanium is a more expensive solution in Latin America than some of the competitors, such as BigFix."
"It's an expensive solution. It would be nice if the cost were lower."
"It is higher than some competitors in the market."
"There is an annual license required to use this solution."
"The solution offers value for money."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
871,408 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
10%
Manufacturing Company
8%
Government
7%
Financial Services Firm
16%
Government
12%
Computer Software Company
9%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business41
Midsize Enterprise18
Large Enterprise36
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise3
Large Enterprise11
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. The ability to reverse damage caused by ransomware with minimal interruptions to...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions that are very scalable, secure, and user-friendly. Cortex XDR by Palo Alto offers ...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface, applies behavioral-based endpoint protection and response, and includes risk-ba...
What do you like most about Tanium?
The product is granular and can build complex roles compared to other EDR vendors.
What needs improvement with Tanium?
While there is always room for improvement, I am pleased with Tanium.
What is your primary use case for Tanium?
The primary use case for Tanium ( /products/tanium-reviews ) is compliance, patching, and inventory as part of the core functions.
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Tanium Inc Cloud, Tanium XEM
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
JPMorgan Chase, eBay, Amazon, US Bank, MetLife, pwc, Cerner, Delphi, MGM Grand, New York Life
Find out what your peers are saying about Cortex XDR by Palo Alto Networks vs. Tanium and other solutions. Updated: September 2025.
871,408 professionals have used our research since 2012.