Vectra AI and Cortex XSIAM compete in the cybersecurity solutions category, focusing on threat detection and response. Based on the feature sets and user feedback, Vectra AI has an edge in actionable alerting and reducing false positives, which are critical in efficient threat management.
Features: Vectra AI excels with strong detection capabilities for east-west traffic, alert reduction through roll-up features, and metadata enrichment. Its integration with existing security tools and ability to track an attack's lifecycle also differentiate it. Cortex XSIAM's strengths include a comprehensive threat detection approach integrating machine learning, robust third-party integration, and valuable forensic investigation tools.
Room for Improvement: Vectra AI needs better SIEM integration, improved syslog handling, and more deployment flexibility across varied environments. Users also suggest enhancements in detection specificity and dashboard functionality. Cortex XSIAM could improve integration capabilities, optimize performance under heavy usage, and address pricing and technical support concerns to increase versatility within broader ecosystems.
Ease of Deployment and Customer Service: Vectra AI offers both on-premises and cloud solutions and is praised for responsive and knowledgeable technical support, with a positive view of customer service. Cortex XSIAM, mainly a cloud solution, is also recognized for its responsive technical support, concentrating on centralized assistance to meet user needs effectively.
Pricing and ROI: Vectra AI is seen as expensive, with some users citing its dated licensing model and extra feature costs. However, users report significant ROI through reduced incident response times and enhanced security operations. Cortex XSIAM is competitively priced but can become costly with add-ons. The ROI primarily comes from improved security efficiencies and faster threat detection, which many users find justifies its cost.
It is ineffective in terms of responding to basic queries and addressing future requirements.
The Palo Alto support team is fully responsive and helpful.
The support is quite reliable depending on the service engineer assigned.
When I create tickets, the response is fast, and issues are solved promptly.
Without proper integration, scaling up with more servers is meaningless.
Cortex XSIAM is highly scalable.
The product was easy to install and set up and worked right.
Overall, Cortex XSIAM is stable.
In terms of incident response automation, it is quite poor due to the lack of integration with all security tools, making manual intervention necessary.
Cortex XSIAM needs improvements in terms of data onboarding, parsers, and third-party integration supports.
Cortex XSIAM is pretty expensive, and the licensing process is not very comfortable compared to CrowdStrike.
ExtraHop's ability to decrypt encrypted data is a feature that Vectra AI lacks.
You need to have a Linux server, and from the Linux server, you must perform AI tasks, and there is a lot to be handled in the back end.
Neither Vectra nor Darktrace have a function like a status health check on my log sources and traffic sources.
The product is very expensive.
The first impression is that XSIAM would be more expensive than others we tried.
The licensing cost of Cortex XSIAM is more or less the same as Splunk, making it quite expensive compared to other tools.
Vectra is cheaper in terms of pricing and features compared to Darktrace.
It is very acceptable when you compare it with Darktrace, for example.
Its signature-less subscriptions and robust detection power stand out in improving threat detection.
Cortex XSIAM is able to detect abnormal behavior of malicious code and subsequently block it.
One of the valued aspects of the product is its use of artificial intelligence to detect security vulnerabilities.
The main feature of Vectra AI that I find valuable is its focus on the user interface and its approximately two hundred algorithms based on artificial intelligence and machine learning.
There are extensive out-of-box detection capabilities.
Cortex XSIAM acts as a critical element for SOC foundations, integrating SIEM and EDR capabilities, valued for threat detection and seamless security orchestration with Palo Alto Networks products.
Organizations find Cortex XSIAM beneficial for SOC foundations due to its capability to integrate SIEM and EDR tools, facilitating data collection, detection, and response. It connects with third-party data sources while reducing management effort and offering cost-effective alternatives to competitors like CrowdStrike and Trend Micro. Featuring automation and integration with Palo Alto Networks products, Cortex XSIAM enhances threat detection. Unified architecture allows a comprehensive view of attacks, further supported by machine learning and integration with existing vendor solutions, ensuring that users gain insights without significant manual log analysis.
What are Cortex XSIAM's key features?
What benefits are evident in Cortex XSIAM reviews?
Industries implement Cortex XSIAM mainly in technology-driven sectors where centralized endpoint protection and automation of forensic investigation are paramount. By integrating several third-party systems for incident response, companies in competitive markets leverage its attributes for heightened operational security efficiency. However, users note areas for improvement, such as Attack Surface Management and integration enhancements, to better suit tech-heavy industries needing extensive connectivity with cybersecurity solutions.
Vectra AI is used for detecting network anomalies and potential malicious activities, providing visibility into network traffic and enhancing threat detection across environments.
Organizations deploy Vectra AI mainly on-premises with additional cloud components. It helps with compliance, incident response, security monitoring, detecting insider threats, and correlating network events. Vectra AI captures and enriches network metadata, provides detailed dashboards, reduces false positives, and supports cross-environment behavioral analysis to enhance threat detection and prioritization. While valued for its high accuracy and alert aggregation, it has room for improvement in UI/UX, packet management, and integration with SIEMs and other tools. It is noted for expensive pricing and limited proactive threat response features.
What are Vectra AI's most valuable features?In specific industries, Vectra AI is deployed to monitor complex networks and alleviate challenges in threat detection. It is particularly effective in sectors requiring stringent compliance and security measures, offering insights and capabilities crucial for protecting sensitive data and maintaining operational integrity.
We monitor all Identity Threat Detection and Response (ITDR) reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
