Cortex XSIAM vs Microsoft Defender External Attack Surface Management comparison

Security Information and Event Management (SIEM)

Download the complete report

Helped 857,162 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cortex XSIAM

Average Rating

8.4

Reviews Sentiment

7.1

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (14th), Identity Threat Detection and Response (ITDR) (5th), AI-Powered Cybersecurity Platforms (7th)

Microsoft Defender External...

Average Rating

7.6

Reviews Sentiment

6.0

Number of Reviews

Ranking in other categories

Attack Surface Management (ASM) (12th), Microsoft Security Suite (34th)

Mindshare comparison

While both are Security Software solutions, they serve different purposes. Cortex XSIAM is designed for Security Information and Event Management (SIEM) and holds a mindshare of 3.0%, up 1.0% compared to last year.
Microsoft Defender External Attack Surface Management, on the other hand, focuses on Attack Surface Management (ASM), holds 3.2% mindshare, up 2.7% since last year.

Security Information and Event Management (SIEM)

Attack Surface Management (ASM)

Featured Reviews

AKASH MAJUMDER

SOC Analyst at OVELOSEC

Incident response times have significantly reduced with efficient device integration and log parsing capabilities

Cortex XSIAM needs improvements in terms of data onboarding, parsers, and third-party integration supports. Additionally, a future update request is to enable tagging of endpoints in groups, similar to a feature available in Cortex XDR. The AI analytics need fine-tuning because some use cases are not working from my side.

Read full review

AndyChan3

General manager at a tech services company with 201-500 employees

Enhanced visibility and exposes vulnerabilities but needs more integration

I am currently in the pilot stage of implementing Microsoft External Attack Surface Management (EASM). My organization is transitioning to a comprehensive track of Microsoft solutions, and we will move to full-scale production in another year, maybe Microsoft External Attack Surface Management…

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Cortex XSIAM enhances our ability to apply endpoint protection policies, implement restrictions, conduct scans, and engage in sandboxing."

"The flexibility for creating manual workflows stands out."

"Since implementing Cortex XSIAM, incident response times have been significantly reduced by approximately twenty percent."

"One of the valued aspects of the product is its use of artificial intelligence to detect security vulnerabilities."

"The most valuable feature is the integration capability."

"One of the valued aspects of the product is its use of artificial intelligence to detect security vulnerabilities."

"I would give Cortex XSIAM a rating of ten out of ten."

"The flexibility for creating manual workflows stands out."

More Cortex XSIAM pros

"Microsoft External Attack Surface Management helps improve the visibility of my exposed vulnerabilities and provides an overview of my security posture across the globe."

"It seems to be better at protecting from cyberattacks."

Cons

"Cortex XSIAM is pretty expensive, and the licensing process is not very comfortable compared to CrowdStrike."

"It could provide more integration with a large variety of products."

"The first impression is that XSIAM would be more expensive than others we tried."

"Cortex XSIAM needs improvements in terms of data onboarding, parsers, and third-party integration supports."

"The solution’s pricing and technical support could be improved."

"Further integration capabilities with various other software products that can seamlessly tie into Cortex XSIAM would be advantageous."

"The support could be a bit faster."

"I am not sure if any improvements are needed right now."

More Cortex XSIAM cons

"The integration is not as seamless compared to competitors like Palo Alto."

"With Microsoft, support is always crazy, it's not easy to get support."

"Further integration across different Microsoft products would be an improvement."

Pricing and Cost Advice

"The solution is expensive compared to its competitors."

"The solution comes at a significant cost."

"Since Palo Alto is trying to get as many new customers as possible, they're offering very competitive pricing."

"In terms of pricing, we found Cortex XSIAM to offer a very reasonable and competitive rate."

"The product cost could be considered value for money compared to other solutions in the market, though it is quite high."

Information not available

See which vendors are best for you

Use our free recommendation engine to learn which Security Information and Event Management (SIEM) solutions are best for your needs.

See recommendations

857,162 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

13%

Manufacturing Company

10%

Financial Services Firm

Government

Computer Software Company

20%

Financial Services Firm

13%

Manufacturing Company

Energy/Utilities Company

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about Cortex XSIAM?

It is an effective solution in terms of performance and functionalities.

What is your experience regarding pricing and costs for Cortex XSIAM?

The licensing cost of Cortex XSIAM is more or less the same as Splunk, making it quite expensive compared to other tools. There are additional expenses for more functionalities.

What needs improvement with Cortex XSIAM?

What is your experience regarding pricing and costs for Microsoft Defender External Attack Surface Management?

I rate the pricing of the solution as eight out of ten.

What needs improvement with Microsoft Defender External Attack Surface Management?

Further integration across different Microsoft products would be an improvement. Introduction of more AI automation into the products would also be beneficial. The integration is not as seamless co...

What is your primary use case for Microsoft Defender External Attack Surface Management?

Palo Alto Networks Cortex XSOAR vs Cortex XSIAM

Comparisons

Compared 37% of the time

Microsoft Sentinel vs Cortex XSIAM

Compared 13% of the time

Splunk SOAR vs Cortex XSIAM

Compared 7% of the time

IBM Security QRadar vs Cortex XSIAM

Compared 7% of the time

CrowdStrike Falcon vs Cortex XSIAM

Compared 6% of the time

More Cortex XSIAM Competitors

Qualys CyberSecurity Asset Management vs Microsoft Defender External Attack Surface Management

Compared 20% of the time

Tenable Attack Surface Management vs Microsoft Defender External Attack Surface Management

Compared 16% of the time

Bitsight vs Microsoft Defender External Attack Surface Management

Compared 13% of the time

CrowdStrike Falcon vs Microsoft Defender External Attack Surface Management

Compared 13% of the time

Darktrace vs Microsoft Defender External Attack Surface Management

Compared 12% of the time

More Microsoft Defender External Attack Surface Management Competitors

Product Reports

Security Information and Event Management (SIEM)

Download Cortex XSIAM product report

Attack Surface Management (ASM)

Download Microsoft Defender External Attack Surface Management product report

Microsoft Defender External Attack Surface Management report

Overview

Cortex XSIAM acts as a critical element for SOC foundations, integrating SIEM and EDR capabilities, valued for threat detection and seamless security orchestration with Palo Alto Networks products.

Organizations find Cortex XSIAM beneficial for SOC foundations due to its capability to integrate SIEM and EDR tools, facilitating data collection, detection, and response. It connects with third-party data sources while reducing management effort and offering cost-effective alternatives to competitors like CrowdStrike and Trend Micro. Featuring automation and integration with Palo Alto Networks products, Cortex XSIAM enhances threat detection. Unified architecture allows a comprehensive view of attacks, further supported by machine learning and integration with existing vendor solutions, ensuring that users gain insights without significant manual log analysis.

What are Cortex XSIAM's key features?

Security Orchestration: Streamlines processes across security operations.
Automation and Response: Efficient incident response management.
Detection Enrichment: Enhances identification of threats.
Centralized Endpoint Security: Comprehensive protection and monitoring of endpoints.
Forensic Investigation: Automated investigation to expedite threat analysis.

What benefits are evident in Cortex XSIAM reviews?

Cost-Effectiveness: Provides economical options compared to other market players.
Comprehensive Integration: Seamlessly integrates with multiple data sources and vendors.
Reduced Management Effort: Simplifies the administration of security operations.
Enhanced Threat Detection: Strengthens identification and remediation processes.

Industries implement Cortex XSIAM mainly in technology-driven sectors where centralized endpoint protection and automation of forensic investigation are paramount. By integrating several third-party systems for incident response, companies in competitive markets leverage its attributes for heightened operational security efficiency. However, users note areas for improvement, such as Attack Surface Management and integration enhancements, to better suit tech-heavy industries needing extensive connectivity with cybersecurity solutions.

Palo Alto Networks

In this era of hybrid work, shadow IT creates an increasingly serious security risk. Microsoft Defender External Attack Surface Management helps cloud security teams see unknown and unmanaged resources outside the firewall.

Microsoft

Security Information and Event Management (SIEM)