We performed a comparison between D3 Security, Palo Alto Networks Cortex XSOAR, and VMware Carbon Black Endpoint based on real PeerSpot user reviews.
Find out what your peers are saying about VMware, ServiceNow, IBM and others in Security Incident Response."It is an out-of-the-box automated integration with our 20 departments. We perform L1 LiveOps automatically through the portal."
"It was useful as a ticketing tool."
"The most valuable features of Palo Alto Networks Cortex XSOAR are its overall track record and features that fit our use case."
"The drag-and-drop interface enables analysts with no programming knowledge to create playbooks easily."
"The Palo Alto ecosystem has a marketplace offering integration with Sentinel or other products."
"We use the solution to automate our SIEM tools and incidents."
"What I like most about Palo Alto Networks Cortex XSOAR is how user-friendly it is for development. It is much simpler to work with compared to similar tools I've used."
"It is a scalable solution."
"It has an extensive list of integrations that are available out of the box which makes it easy to start."
"The most valuable feature of the solution stems from the support it provides."
"Technical support is excellent."
"It is a very complete platform."
"It is a scalable solution...The initial setup was straightforward."
"It is stable and easy to set up."
"The offline networking is the most important feature. Some of our users are engineers that work offsite, and they can still be on the solution, which is also great."
"The product is pretty strong in terms of security and their features are very good in that respect."
"The software uses very few resources; it is almost invisible to the end user."
"Reporting needs improvement. MTTR and MTTD metrics aren't directly available in playbooks and require manual effort to achieve."
"We need a little hands-on experience to install the solution."
"Palo Alto needs to develop more AI-centric products."
"The formats are not compatible, are readily not available, and are not readable."
"The dashboard performance could be improved."
"There is room for improvement in support. The response time could be faster."
"The configuration of the solution could improve it is difficult."
"It is been decommissioned by Palo Alto."
"Palo Alto Networks Cortex XSOAR could improve the look, feel, and management of the cloud console. Additionally, the user could be more easily integrated."
"It could be a bit complicated. You have to be very familiar with Carbon Black to understand what it is doing and why it is doing. I would like to have more explanations and simplification in the user interface. It would be good to get help and see more explanations. It should tell us that a software is blocked and the reason for it. It would be good to be able to build chains in terms of what caused what, what worked, and what caused an issue. We are now moving from Carbon Black to Cortex XDR. While choosing antivirus software, we were also looking at Carbon Black because it also has an antivirus package, and it is next-generation, but we were told that Carbon Black doesn't support firewalls. We have Palo Alto firewalls. We would have chosen this solution if it supported firewalls, in particular next-generation firewalls, but unfortunately, it doesn't. Therefore, we decided on Cortex XDR because it integrates with Palo Alto firewalls."
"Its compatibility can be improved. It did crash a server during deployment, which is not something that I want to happen. Its deployment should also be easier. The whole deployment cycle needs to be simplified. It is an enterprise solution, and to set it up right now, you have to be an expert."
"Report generation can be improved."
"What was rolled out to my company are mixed versions of Carbon Black CB Defense, so what I'd like to see in the next release is more synchronization, where it can detect the endpoint that's running an old version and suggest updates."
"I'm not sure as to the logic of how we've decided to customize it. We've only really used it since February and therefore there may be more to do on that front. That's why it's hard to say if something is missing or if we just aren't utilizing it."
"There is room for improvement in the support and service team."
"It is difficult to extract reports for ongoing scans"
"When you view the triage, it will show you everything within a given time frame, and not only the attack that caused the alert, which is what I want to see. It shows you all the events during that time, and that can be quite confusing."
More Palo Alto Networks Cortex XSOAR Pricing and Cost Advice →