Cortex XSIAM vs Sophos Central comparison

Palo Alto Networks and Sophos are both solutions in the AI-Powered Cybersecurity Platforms category. Palo Alto Networks is ranked #7 with an average rating of 8.3, while Sophos is ranked #9 with an average rating of 8.3. Palo Alto Networks holds a 11.8% mindshare in AICP, compared to Sophos’s 0.0% mindshare. Additionally, 100% of Palo Alto Networks users are willing to recommend the solution, compared to 94% of Sophos users who would recommend it.

Cortex XSIAM

Read 13 Cortex XSIAM reviews

7,532 Views
1,883 Comparison Views

100% willing to recommend

Sophos Central

Read 39 Sophos Central reviews

555 Views
6 Comparison Views

94% willing to recommend

Cortex XSIAM

Sophos Central

Comparison Buyer's Guide

Download the report

Executive Summary

We performed a comparison between Cortex XSIAM and Sophos Central based on real PeerSpot user reviews.

Find out in this report how the two AI-Powered Cybersecurity Platforms solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI.

To learn more, read our detailed Cortex XSIAM vs. Sophos Central Report (Updated: July 2025).

Buyer's Guide

Cortex XSIAM vs. Sophos Central

July 2025

Download the complete report

Helped 865,384 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Cortex XSIAM

Ranking in AI-Powered Cybersecurity Platforms

7th

Average Rating

8.4

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

Security Information and Event Management (SIEM) (15th), Identity Threat Detection and Response (ITDR) (5th)

Sophos Central

Ranking in AI-Powered Cybersecurity Platforms

9th

Average Rating

8.4

Reviews Sentiment

8.5

Number of Reviews

Ranking in other categories

No ranking in other categories

Mindshare comparison

As of August 2025, in the AI-Powered Cybersecurity Platforms category, the mindshare of Cortex XSIAM is 11.8%, up from 5.4% compared to the previous year. The mindshare of Sophos Central is 0.0%. It is calculated based on PeerSpot user engagement data.

AI-Powered Cybersecurity Platforms

Featured Reviews

AKASH MAJUMDER

SOC Analyst at OVELOSEC

Incident response times have significantly reduced with efficient device integration and log parsing capabilities

Cortex XSIAM needs improvements in terms of data onboarding, parsers, and third-party integration supports. Additionally, a future update request is to enable tagging of endpoints in groups, similar to a feature available in Cortex XDR. The AI analytics need fine-tuning because some use cases are not working from my side.

Read full review

Sandeepraj Gatla

SOC Analyst at Wydur

Cost-effective security management with a user-friendly interface, efficient resource utilization, and rapid response capabilities

While Sophos Central has demonstrated commendable functionality, there is room for improvement in the realm of automation. Specifically, addressing ransomware attacks often requires leveraging external tools, deploying virtual machines, and utilizing supplementary tools like Caliper Analytics for operations and security communication. The integration of these essential functionalities directly into the software would represent a significant enhancement, streamlining the incident response process and bolstering the platform's comprehensive threat mitigation capabilities. Furthermore, a valuable addition to future releases could involve augmenting the new screen component with advanced capabilities such as XML utilization and rule integration. This enhancement, especially pertinent to tools involved in sandboxing and virtual machines within the investigation process, would greatly streamline the analysis of logs and reports. This would prove particularly beneficial in the context of email analysis, spam attack detection, and other critical security aspects. By incorporating these features, Sophos Central could further elevate its utility in facilitating in-depth security analyses and response strategies.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"Cortex XSIAM enhances our ability to apply endpoint protection policies, implement restrictions, conduct scans, and engage in sandboxing."

"Its ability to deliver a substantial amount of security intelligence greatly enhances and optimizes our security operations program."

"One of the valued aspects of the product is its use of artificial intelligence to detect security vulnerabilities."

"The flexibility for creating manual workflows stands out."

"It is an effective solution in terms of performance and functionalities."

"The most valuable feature is the integration capability."

"The automation capabilities significantly improve response times by allowing us to respond to incidents from a single dashboard rather than navigating multiple dashboards."

More Cortex XSIAM pros

"The product's initial setup phase is easy and user-friendly."

"The solution's most valuable feature is the ease with which admins can monitor and troubleshoot issues related to any emails coming into our environment with malware or viruses."

"Sophos Central is good. It's also free for all those firewalls because, from Sophos Central, we manage the firewalls and push the policies to the firewall."

"It is very useful to deploy policies centrally and monitor the status of our appliances, especially given that we are the main branches. With Sophos Central, you can centrally manage and deploy security policies and updates, saving time and eliminating the need for the technical team to travel to each branch individually."

"The tool enables me to see the security of my customers’ PCs at a glance."

"The product's installation phase was easy."

"It is easy to manage and configure."

"Sophos Central is a good and easy-to-manage product."

More Sophos Central pros

Cons

"Cortex XSIAM needs improvements in terms of data onboarding, parsers, and third-party integration supports."

"The standard integrations are very limited, and the integrations available are not listed in the marketplace. Obtaining validation for integrations from Palo Alto takes around eight months, which is quite long."

"The solution’s pricing and technical support could be improved."

"The first impression is that XSIAM would be more expensive than others we tried."

"I would rate the overall stability a six or seven, as we have only used it for a few months and need a year of experience to provide a full assessment."

"The standard integrations are very limited, and the integrations available are not listed in the marketplace."

"There is room for improvement in expanding integrations to include more cybersecurity solutions."

"The support could be a bit faster."

More Cortex XSIAM cons

"The product does not have a dedicated MFA."

"The high price of the tool is a drawback that can be considered for improvement."

"The tool is slow in the Middle East region. It should also integrate custom reporting."

"It's not well-marketed, so many customers don't know about this feature."

"Compared to GFI KerioControl, Sophos Firewall can be made much faster at setting up VPN clients and site-to-site VPNs."

"Integration with third party applications should be improved."

"Sophos Central must incorporate a diagrammatic graphical user interface for its practices and compliances."

"The tamper protection password is an area with certain shortcomings where improvements are required."

More Sophos Central cons

Pricing and Cost Advice

"In terms of pricing, we found Cortex XSIAM to offer a very reasonable and competitive rate."

"Since Palo Alto is trying to get as many new customers as possible, they're offering very competitive pricing."

"The solution is expensive compared to its competitors."

"The solution comes at a significant cost."

"The product cost could be considered value for money compared to other solutions in the market, though it is quite high."

"Sophos Central is an affordable solution that any mid-level customer can buy."

"The product is inexpensive."

"Sophos is more cost-effective than other vendors."

"The product is expensive compared to other products like Fortinet and Microsoft Defender."

"The product is not expensive."

"Sophos Central is moderately priced."

"Though I don't know the exact price of the product, I know that the tool is worth the money."

"It is rather expensive."

More Sophos Central pricing and cost advice

See which vendors are best for you

Use our free recommendation engine to learn which AI-Powered Cybersecurity Platforms solutions are best for your needs.

See recommendations

865,384 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

13%

Manufacturing Company

10%

Financial Services Firm

10%

Government

Manufacturing Company

18%

Comms Service Provider

13%

Financial Services Firm

10%

University

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

Questions from the Community

What do you like most about Cortex XSIAM?

It is an effective solution in terms of performance and functionalities.

See all answers

What is your experience regarding pricing and costs for Cortex XSIAM?

The licensing cost of Cortex XSIAM is more or less the same as Splunk, making it quite expensive compared to other tools. There are additional expenses for more functionalities.

See all answers

What needs improvement with Cortex XSIAM?

See all answers

What do you like most about Sophos Central?

One of the significant advantages of Sophos is its affordability compared to other technologies like Check Point and Fortinet.

See all answers

What is your experience regarding pricing and costs for Sophos Central?

As we get more people, we just add another item or Sophos appliances, and then we are good to go.

See all answers

What needs improvement with Sophos Central?

As a user, I suggest improving Sophos Central by addressing some error messages we occasionally encounter that we just do not know what they relate to, even when it says it has resolved them. To im...

See all answers

Comparisons

Palo Alto Networks Cortex XSOAR vs Cortex XSIAM

Compared 33% of the time

Microsoft Sentinel vs Cortex XSIAM

Compared 13% of the time

IBM Security QRadar vs Cortex XSIAM

Compared 7% of the time

Cortex XDR by Palo Alto Networks vs Cortex XSIAM

Compared 6% of the time

CrowdStrike Falcon vs Cortex XSIAM

Compared 6% of the time

More Cortex XSIAM Competitors

VyOS Platform vs Sophos Central

Compared 100% of the time

More Sophos Central Competitors

Product Reports

Buyer's Guide

Security Information and Event Management (SIEM)

August 2025

Download Cortex XSIAM product report

Buyer's Guide

Sophos Central

July 2025

Download Sophos Central product report

Overview

Cortex XSIAM acts as a critical element for SOC foundations, integrating SIEM and EDR capabilities, valued for threat detection and seamless security orchestration with Palo Alto Networks products.

Organizations find Cortex XSIAM beneficial for SOC foundations due to its capability to integrate SIEM and EDR tools, facilitating data collection, detection, and response. It connects with third-party data sources while reducing management effort and offering cost-effective alternatives to competitors like CrowdStrike and Trend Micro. Featuring automation and integration with Palo Alto Networks products, Cortex XSIAM enhances threat detection. Unified architecture allows a comprehensive view of attacks, further supported by machine learning and integration with existing vendor solutions, ensuring that users gain insights without significant manual log analysis.

What are Cortex XSIAM's key features?

Security Orchestration: Streamlines processes across security operations.
Automation and Response: Efficient incident response management.
Detection Enrichment: Enhances identification of threats.
Centralized Endpoint Security: Comprehensive protection and monitoring of endpoints.
Forensic Investigation: Automated investigation to expedite threat analysis.

What benefits are evident in Cortex XSIAM reviews?

Cost-Effectiveness: Provides economical options compared to other market players.
Comprehensive Integration: Seamlessly integrates with multiple data sources and vendors.
Reduced Management Effort: Simplifies the administration of security operations.
Enhanced Threat Detection: Strengthens identification and remediation processes.

Industries implement Cortex XSIAM mainly in technology-driven sectors where centralized endpoint protection and automation of forensic investigation are paramount. By integrating several third-party systems for incident response, companies in competitive markets leverage its attributes for heightened operational security efficiency. However, users note areas for improvement, such as Attack Surface Management and integration enhancements, to better suit tech-heavy industries needing extensive connectivity with cybersecurity solutions.

Palo Alto Networks

Sophos Central allows you to manage our award-winning Synchronized Security platform. Advanced attacks are more coordinated than ever before. Now, your defenses are too. Our revolutionary Security Heartbeat™ ensures your endpoint protection and firewall are talking to each other. It’s a simple yet effective idea that means you get better protection against advanced threats and spend less time responding to incidents. It’s so simple, it makes you wonder why nobody did it before.

Sophos

Buyer's Guide

Cortex XSIAM vs. Sophos Central

July 2025

Free Report: Cortex XSIAM vs. Sophos Central

Find out what your peers are saying about Cortex XSIAM vs. Sophos Central and other solutions. Updated: July 2025.

DOWNLOAD NOW

865,384 professionals have used our research since 2012.

See our Cortex XSIAM vs. Sophos Central report.

See our list of best AI-Powered Cybersecurity Platforms vendors.

We monitor all AI-Powered Cybersecurity Platforms reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.