No more typing reviews! Try our Samantha, our new voice AI agent.

Cortex XSIAM vs Gigamon Deep Observability Pipeline comparison

 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

ROI

Sentiment score
4.3
Cortex XSIAM achieved savings over $500,000 by automating over half of detection and response, optimizing incident management.
Sentiment score
4.8
Gigamon Deep Observability Pipeline boosts productivity and efficiency through reduced troubleshooting, improved security visibility, and optimized resource management.
 

Customer Service

Sentiment score
6.1
Cortex XSIAM technical support experiences vary, with premium support praised for expertise, while distributor-based support quality fluctuates.
Sentiment score
5.4
Gigamon Deep Observability Pipeline's technical support is generally praised, though outsourced support presents challenges for some users.
With premium support, core Palo Alto technical experts handle issues directly.
Team Lead, Security at seamlessinfotech.com
It is ineffective in terms of responding to basic queries and addressing future requirements.
Associate Director at a financial services firm with 5,001-10,000 employees
I had a dedicated person allocated for supporting, and even with them, it was very good.
Cybersecurity Architect at a computer software company with 10,001+ employees
The technical support by Gigamon Deep Observability Pipeline is good because it has a local architect in my area.
Senior Relationship Banker at Joint stock Commercial Bank for Foreign Trade of V
 

Scalability Issues

Sentiment score
6.6
Cortex XSIAM excels in scalability and cloud deployment, though integration affects performance and some prefer more on-premises functionality.
Sentiment score
6.5
Gigamon Deep Observability Pipeline excels in scalability, especially in cloud environments, accommodating large deployments with ease and flexibility.
Without proper integration, scaling up with more servers is meaningless.
Associate Director at a financial services firm with 5,001-10,000 employees
The SOC team is responsible for fully managing Cortex XSIAM.
Cybersecurity Architect at a computer software company with 10,001+ employees
Cortex XSIAM is highly scalable.
SOC Analyst at OVELOSEC
 

Stability Issues

Sentiment score
7.5
Cortex XSIAM is cloud-based, reliable, with minimal maintenance, and occasional update issues are quickly resolved, enhancing performance.
Sentiment score
7.2
Gigamon Deep Observability Pipeline delivers stable, reliable performance in data centers, with high ratings despite minor issues in older systems.
The product was easy to install and set up and worked right.
Owner at Xelere
With continuous integration that the colleagues probably are doing, it is becoming better and better.
Cybersecurity Architect at a computer software company with 10,001+ employees
Overall, Cortex XSIAM is stable.
SOC Analyst at OVELOSEC
 

Room For Improvement

Cortex XSIAM needs better integration, usability, pricing, data management, and support for enhanced performance and flexibility.
Gigamon Deep Observability Pipeline needs security enhancements, improved GUI, better performance, cloud support, and easier setup and hardware handling.
Obtaining validation for integrations from Palo Alto takes around eight months, which is quite long.
Associate Director at a financial services firm with 5,001-10,000 employees
Cortex XSIAM needs improvements in terms of data onboarding, parsers, and third-party integration supports.
SOC Analyst at OVELOSEC
Cortex XSIAM is on the expensive side and requires substantial improvement in pricing.
Solutions Architect at ostec
 

Setup Cost

Cortex XSIAM is expensive with variable pricing, complexity in licensing, and additional costs for functionalities and resources.
Gigamon Deep Observability Pipeline is often seen as expensive, but pricing perceptions vary based on needs and roles.
The first impression is that XSIAM would be more expensive than others we tried.
Owner at Xelere
The product is very expensive.
Associate Director at a financial services firm with 5,001-10,000 employees
Cortex XSIAM is pretty expensive, and the licensing process is not very comfortable.
Director at MICROLOGIC NETWORKS PRIVATE LIMITED
 

Valuable Features

Cortex XSIAM enhances incident response with automation, integration, and machine learning, providing comprehensive network security and threat identification.
Gigamon Deep Observability Pipeline improves network visibility, performance, and security through advanced traffic analysis, integration, and process efficiencies.
The advanced visualization capabilities of the product are important for understanding security trends in an organization.
Solutions Architect at ostec
To have Cortex XSIAM available is to basically have integration of all log sources, all alerting, and so on and so forth from firewalls and different tools, to get everything in one place, and afterwards to be able to build on the information that is coming.
Cybersecurity Architect at a computer software company with 10,001+ employees
One of the valued aspects of the product is its use of artificial intelligence to detect security vulnerabilities.
Owner at Xelere
The Pipeline's Comprehensive Insights into data flows have helped improve operational efficiency and security.
Senior Relationship Banker at Joint stock Commercial Bank for Foreign Trade of V
 

Categories and Ranking

Cortex XSIAM
Ranking in Security Information and Event Management (SIEM)
8th
Average Rating
8.6
Reviews Sentiment
6.7
Number of Reviews
16
Ranking in other categories
Identity Threat Detection and Response (ITDR) (6th), AI-Powered Cybersecurity Platforms (7th)
Gigamon Deep Observability ...
Ranking in Security Information and Event Management (SIEM)
43rd
Average Rating
8.6
Reviews Sentiment
6.5
Number of Reviews
9
Ranking in other categories
Application Performance Monitoring (APM) and Observability (41st), Event Monitoring (15th), Data Loss Prevention (DLP) (34th), Web Application Firewall (WAF) (34th), Advanced Threat Protection (ATP) (25th), Network Packet Broker (NPB) (1st), Network Detection and Response (NDR) (16th)
 

Mindshare comparison

As of July 2026, in the Security Information and Event Management (SIEM) category, the mindshare of Cortex XSIAM is 1.7%, down from 2.8% compared to the previous year. The mindshare of Gigamon Deep Observability Pipeline is 0.5%, up from 0.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Information and Event Management (SIEM) Mindshare Distribution
ProductMindshare (%)
Cortex XSIAM1.7%
Gigamon Deep Observability Pipeline0.5%
Other97.8%
Security Information and Event Management (SIEM)
 

Featured Reviews

reviewer2541030 - PeerSpot reviewer
Cybersecurity Architect at a computer software company with 10,001+ employees
Unified security monitoring has simplified incident response and improved automated threat handling
The firewall side can make some improvements. I know the firewall on Cortex XSIAM is based on Windows. From what I have experienced so far, I have seen that the policies you can create are actually very in-depth. I mean, you can do most of the things and a lot of integration that you actually want. So if I want to choose to send things to WildFire, for example, I can choose to send it, I can choose to not send it. This basically offers flexibility to implement Cortex XSIAM in more standardized places where you maybe have a certification. I would say that the thing that maybe needs a bit more improvement is the fact that the one with the firewall because I have seen some things there that are kind of hard to manage. You do not really have a very easy way to manage those, unless you actually know where you have put them. So it is very inflexible. In the rest, you have a lot of playbooks that you can do and you can do lots of automation, which is actually easy to manage from what I have seen from my colleagues.
TN
Senior Relationship Banker at Joint stock Commercial Bank for Foreign Trade of V
Experience boosts operational efficiency while performance sees room for improvement
I don't have specific information on whether it was purchased on the AWS marketplace or somewhere else. I am working with Dynatrace Operator. I am also working with Algosec, Alluvio, CrowdStrike, Firemon, Gigamon Deep Observability Pipeline, and other solutions. I think it's a good tool, and I am satisfied with it. We have not stored cloud workloads with Gigamon Deep Observability Pipeline yet; we are still on-premises. The technical support takes about one to two hours to respond, which is acceptable. I am satisfied with the scalability of the product. The interface is good.
report
Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
12%
Manufacturing Company
10%
Financial Services Firm
9%
Government
6%
Financial Services Firm
14%
Computer Software Company
9%
Manufacturing Company
9%
Healthcare Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business9
Midsize Enterprise2
Large Enterprise5
By reviewers
Company SizeCount
Small Business3
Midsize Enterprise1
Large Enterprise5
 

Questions from the Community

What is your experience regarding pricing and costs for Cortex XSIAM?
I did not participate in pricing discussions for Cortex XSIAM solutions, so I cannot provide a review regarding prices for this solution.
What needs improvement with Cortex XSIAM?
The firewall side can make some improvements. I know the firewall on Cortex XSIAM is based on Windows. From what I have experienced so far, I have seen that the policies you can create are actually...
What needs improvement with Gigamon Deep Observability Pipeline?
Gigamon Deep Observability Pipeline needs to improve its performance. I face issues with performance because we use SPAN, and the SPAN traffic is not good. They need to improve their performance.
What is your primary use case for Gigamon Deep Observability Pipeline?
I am working with Gigamon Deep Observability Pipeline and Firemon, and I have been working with it for a year.
What advice do you have for others considering Gigamon Deep Observability Pipeline?
I don't have specific information on whether it was purchased on the AWS marketplace or somewhere else. I am working with Dynatrace Operator. I am also working with Algosec, Alluvio, CrowdStrike, F...
 

Also Known As

No data available
Gigamon, GigaSecure
 

Overview

 

Sample Customers

Information Not Available
Amica Insurance, College of William & Mary, Gamma, IntercontinentalExchange, OppenheimerFunds
Find out what your peers are saying about Cortex XSIAM vs. Gigamon Deep Observability Pipeline and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.