No more typing reviews! Try our Samantha, our new voice AI agent.

Darktrace vs ReliaQuest GreyMatter comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Extended Detection and Response (XDR)
4th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Endpoint Detection and Response (EDR) (6th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Darktrace
Ranking in Extended Detection and Response (XDR)
7th
Average Rating
8.2
Reviews Sentiment
7.1
Number of Reviews
84
Ranking in other categories
Email Security (10th), Intrusion Detection and Prevention Software (IDPS) (2nd), Network Traffic Analysis (NTA) (1st), Network Detection and Response (NDR) (1st), Cloud Security Posture Management (CSPM) (10th), Cloud-Native Application Protection Platforms (CNAPP) (9th), Attack Surface Management (ASM) (4th), AI-Powered Cybersecurity Platforms (5th), AI Observability (6th)
ReliaQuest GreyMatter
Ranking in Extended Detection and Response (XDR)
25th
Average Rating
9.6
Reviews Sentiment
8.1
Number of Reviews
2
Ranking in other categories
Digital Risk Protection (11th), Managed Detection and Response (MDR) (17th)
 

Mindshare comparison

As of July 2026, in the Extended Detection and Response (XDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 4.6%, down from 5.1% compared to the previous year. The mindshare of Darktrace is 4.4%, down from 7.7% compared to the previous year. The mindshare of ReliaQuest GreyMatter is 0.9%, up from 0.5% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks4.6%
Darktrace4.4%
ReliaQuest GreyMatter0.9%
Other90.1%
Extended Detection and Response (XDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Pasan Jayarathna - PeerSpot reviewer
Network Security Engineer at Cyberwell Solution
Monitoring has improved data loss detection and now spots abnormal internal file transfers quickly
In my understanding, the best feature Darktrace offers is the identification of copying files, which acts as a DLP, and it is a main concern for companies because users sometimes copy data outside without knowing, especially those without a technical background. When I mention the DLP-like feature and file copying detection, the alerts have been very timely, as we get an alert within a couple of minutes, which is excellent. Even if some developers are working after hours and copying files, our SOC team detects this, and most of the time they call us so we can identify the users. The alerts are quite accurate and proactive.
Zaid bin junaid  - PeerSpot reviewer
Product Manager at Flash
Improved threat detection has reduced incidents and has automated investigations with AI
There are multiple features of ReliaQuest GreyMatter which I love personally. The agentic AI, which helps in autonomous investigation and containment, is multiplying the speed of the task to be done. Features such as managed service integration and MDR with human expertise when needed are some major features which I love about ReliaQuest GreyMatter.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"If any application performs suspicious activities, such as changing registries or modifying other applications, Cortex XDR detects and blocks the entire application."
"Cortex is a very good total solution on the endpoints."
"One thing that I like about Cortex XDR by Palo Alto Networks, it is detecting all the suspicious or malicious binaries, and it has integration with Palo Alto Firewall."
"If you are looking to deploy a security solution as a whole, this is a good option."
"It has absolutely improved the way our organization functions, we are more secure, it is giving us more peace of mind, and it has found malicious activity happening on our endpoints that probably would not have been detected if we didn't have it."
"The product is mostly automated, and we do not have to make decisions, because all the decisions are made by the product itself and we are not required to create any custom policies since the policies that are created are well defined in the product itself."
"The most valuable features are the fact that it was running in the background and it would intercept any weird stuff, and the fact that it would send things directly to the cloud for sandboxing. It's quite practical."
"Cortex XDR is a simple platform that's easy for administrators and users. You have a lot of flexibility to change or customize the features."
"The product can scale."
"I would 100% recommend Darktrace."
"The Antigena feature is most valuable. Once it learns your environment, Antigena can step in and block a denial of service attack, a ransomware attack, or just about anything that doesn't belong in the environment. It can detect any type of attack that hits the environment because it understands what normal looks like for the network. It is very useful for an autonomous response."
"What I like about Darktrace, is that you can quickly identify threats."
"Darktrace is valuable since it offers full packet capture and detailed metadata."
"We allow customers to access our Wi-Fi as guests, and some of them were going to restricted sites. Darktrace showed us what they were doing so we could block them."
"Darktrace is very useful for us because it has a large number of models for detecting threats."
"I like the Antigena feature in Darktrace, as it offers immediate response and is helpful."
"ReliaQuest GreyMatter has helped us to reduce security incidents by 89%, which is a significant amount of incidents we have seen."
"ReliaQuest GreyMatter saves around 60% of time or resources."
 

Cons

"It should support more mobile operating systems. That is one of the cons of their infrastructure right now."
"We had a problem with getting our older endpoints up to date, but their newest updates have been really good. I've been pleased with it in terms of what our needs are. It's doing what we want it to do."
"Cortex XDR could be improved with more GUI features."
"It tends to do 99.9% of things. The only thing I'd like is single sign-on authentication into their cloud platform so that my users can be properly authenticated against it."
"A better pricing plan would make this product more competitive."
"I have seen lagging with Cortex XDR by Palo Alto Networks. There was one time when we faced a threat actor trying to gain access to our system. When our team utilized the tool, we were all on the same dashboard and we faced a lag issue at that time of around five minutes, which was quite significant."
"It is an enterprise-level solution. Its price could be less expensive."
"There are some default policies which sometimes affect our applications and cause them to run around."
"It's quite expensive to have."
"The product is considered expensive compared to others."
"The solution's user interface and stability could be improved."
"The one downside is the pricing, which is quite high."
"There is a high ratio of false positive information."
"The pricing is expensive. It costs over $100,000 a year."
"Pricing bothers me and this is one of the major factors when choosing a solution."
"Its threat analyzer could be better. It should also have agents. They should improve this product by installing agents for the machine to get more visibility. Currently, they are monitoring only the network. They should also monitor the agents from inside. It should also have a better pricing plan because it is an expensive product."
"Areas that have room for improvement include user interface and integration."
 

Pricing and Cost Advice

"Cortex XDR by Palo Alto Networks is quite an expensive solution."
"The pricing seems fair, and I do like the licensing model. You use wherever they are, and it is elastic."
"Cortex XDR’s pricing is very reasonable."
"I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."
"I don't like that they have different types of licenses."
"The return on investment is from the user side because we have seen the performance of it increase the delivery time of the product if we are using too many web-based and on-premise applications. In indirect ways, we saw the return of investment in terms of performance and user satisfaction increase."
"If one wishes to work with another team or large number of users at a future point, he must purchase a license for them."
"It is "expensive" and flexible."
"It is a very expensive product."
"Prior to negotiating, Darktrace offered their appliance and service for $80,000 per year."
"The price of the solution is not cheap. It is not a one-time purchase, there is a subscription that needs to be paid every one to five years depending on your choice. It is expensive but you can reduce the price by only using the services that you want."
"The pricing is a little high compared to the competition."
"We had an issue with pricing initially and had to cancel some of the features of the projects to fit the budget. I would like to see pricing that is not broken up into parts so that we can buy the whole package once. Darktrace is more expensive than an average solution, but it's functionality won't match that of an average solution."
"The pricing is expensive. It costs over $100,000 a year."
"Darktrace is expensive. You can pay for the license yearly."
"The price of Darktrace is high and could be reduced. We pay approximately $30,000 to $54,000 annually."
Information not available
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Manufacturing Company
10%
Financial Services Firm
9%
Computer Software Company
9%
Government
7%
Financial Services Firm
11%
Manufacturing Company
9%
Construction Company
7%
Retailer
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business44
Midsize Enterprise20
Large Enterprise29
No data available
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
How does Crowdstrike Falcon compare with Darktrace?
Both of these products perform similarly and have many outstanding attributes. CrowdStrike Falcon offers an amazing u...
Which is better - SentinelOne or Darktrace?
Which solution is better depends on which is more suitable specifically for your company. Darktrace, for example, is ...
What is your experience regarding pricing and costs for Darktrace?
Concerning pricing for the product, I would say it is somewhat expensive.
What needs improvement with ReliaQuest GreyMatter?
Areas that have room for improvement include user interface and integration.
What is your primary use case for ReliaQuest GreyMatter?
I use ReliaQuest GreyMatter for detection and response, XDR, and SIEM. The best features I like about GreyMatter the ...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
No data available
No data available
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Irwin Mitchell, Open Energi, Wellcome Trust, FirstGroup plc, Virgin Trains, Drax, QUI! Group, DNK, CreaCard, Macrosynergy, Sisley, William Hill plc, Toyota Canada, Royal British Legion, Vitol, Allianz, KKR, AIRBUS, dpd, Billabong, Mclaren Group.
Information Not Available
Find out what your peers are saying about Darktrace vs. ReliaQuest GreyMatter and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.