No more typing reviews! Try our Samantha, our new voice AI agent.

ExtraHop Reveal(x) 360 vs Forescout Platform comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Extended Detection and Response (XDR)
4th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
113
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Endpoint Detection and Response (EDR) (6th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
ExtraHop Reveal(x) 360
Ranking in Extended Detection and Response (XDR)
29th
Average Rating
8.6
Reviews Sentiment
6.8
Number of Reviews
5
Ranking in other categories
Intrusion Detection and Prevention Software (IDPS) (17th), Container Security (35th), Network Traffic Analysis (NTA) (10th)
Forescout Platform
Ranking in Extended Detection and Response (XDR)
35th
Average Rating
8.4
Reviews Sentiment
6.5
Number of Reviews
79
Ranking in other categories
Network Access Control (NAC) (6th), IoT Security (5th), Endpoint Compliance (2nd)
 

Mindshare comparison

As of July 2026, in the Extended Detection and Response (XDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 4.6%, down from 5.1% compared to the previous year. The mindshare of ExtraHop Reveal(x) 360 is 1.0%, up from 0.4% compared to the previous year. The mindshare of Forescout Platform is 1.2%, up from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks4.6%
ExtraHop Reveal(x) 3601.0%
Forescout Platform1.2%
Other93.2%
Extended Detection and Response (XDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
reviewer2857197 - PeerSpot reviewer
Lead IT Service Analyst at a manufacturing company with 10,001+ employees
Cloud-native threat detection has improved incident investigations and now reduces breach risk
We have covered most of the features over the past three years and look forward to discovering more as we work closely with the ExtraHop technical team, who are open to sharing what they have developed. Pricing is on the higher side, typically based on load, volume of traffic, and deployment scale. The advanced detection capabilities provide significant value in reducing investigation time, making the licensing and pricing acceptable for larger organizations. ExtraHop Reveal(x) 360 has undeniably improved our security posture, reduced manual investigation efforts, and facilitated fast threat detection mechanisms, which all help prevent costly potential breaches in enterprise environments. ExtraHop Reveal(x) 360's SaaS environment is well-suited for cloud, on-premises, and hybrid environments, effectively addressing real-life scenarios involving east-west and north-south traffic. The platform is recommended for large organizations in need of comprehensive detection capabilities. I would rate this product overall as an 8 out of 10.
AshishKumar Rai - PeerSpot reviewer
Security Consultant at a tech vendor with 10,001+ employees
Comprehensive visibility has strengthened endpoint control and automated threat response across networks
When it comes to improving Forescout Platform, I have faced some issues recently, particularly with the switch integration part. When integrating a switch, it asks for the vendor type, and often it does not match. For example, one series of HP switches may not be found in that vendor list. This leads to frustration because you have to check again with different HP models, and once you integrate a switch, you cannot edit the vendor list without removing it. Other issues are being worked on, particularly related to switch integration. I believe they will be fixed in the next upgrade or patch fix. There are no major issues, but the configuration changes needed for the switch model are necessary, and I think it would help if during integration, an admin user could check the password or credential used, as they currently cannot see the password after it is entered and saved.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Since they've done their most recent update, the ease to isolate endpoints is valuable. If we find one where there is a virus on it, we can easily isolate it. We don't even have to contact the user. We don't have to manually take them off the network. We can easily isolate them."
"Previously, we had to install endpoint protection per machine and then scan and update, but Cortex XDR basically does that centrally and predictably, so we have more time to do day-to-day work rather than spend time chasing those endpoints."
"The initial setup is pretty easy."
"The most valuable for us is the correlation feature."
"I like that the product has behavior-based detection which offers many benefits over signature-based detection."
"When the pandemic started, Palo Alto came up with many solutions, which helped with the quick shift from on-premises to the cloud."
"Cortex is the best solution for avoiding security breaches, malware attacks, and other kinds of security issues."
"I've found the solution to be highly scalable for enterprises."
"It stands out for its intuitive and efficient user interface, robust detection capabilities with minimal false positives, and the ability to handle encrypted traffic, making it a valuable asset for network security and management."
"It is scalable."
"It is very easy to collect and handle data in ExtraHop Reveal(X) Cloud. Integration with Big Data is also easy. Many of our customers integrate it with Big Data platforms like Splunk or Elastic. It is also easy to handle and easy to understand."
"Their technical support is more effective and of better quality than other competitors."
"ExtraHop Reveal(x) 360 has undeniably improved our security posture, reduced manual investigation efforts, and facilitated fast threat detection mechanisms, which all help prevent costly potential breaches in enterprise environments."
"ExtraHop Reveal(x) 360 has positively impacted my organization by helping us detect abnormal activity on our network that we could not detect through our SIEM or XDR platform."
"ForeScout is a powerful network access control tool that has some features found in insider threat solutions, though it is not exactly made for that."
"Automated policy enforcement is particularly valuable as it significantly reduces the need for manual intervention, thus enhancing efficiency and security."
"This solution can be used to organize guest portals, integrate switches, and create policies, and some of its standard use cases also include completing key process upgrades and anti-virus of Windows OS."
"This product provided a really good effect in terms of network access control."
"Forescout Platform is stable, it is great."
"The ability to control to identify devices and control the actual devices was great."
"ForeScout has given us the ability to block unwanted devices."
"I can integrate Forescout with products from multiple vendors in my environment, and also, the integration is searchable. It can be used with 802.1X and non-802.1X to integrate with my existing network. I don't need to upgrade any existing networks in my system, and I don't need to replace existing devices to integrate with Forescout. I find value in not having to spend money upgrading existing devices and networks."
 

Cons

"Fine-tuning the detection policy requires experience because the policy is very complex in Cortex XDR by Palo Alto Networks, and we get high false positive alerts."
"Cortex XDR could improve its sales support team, including better commission structures and referral programs."
"The encryption is not up to the mark."
"The solution should offer more dashboards and they should be better customized."
"The main issue I could point out is the offline agents and the way that it is missing."
"It tends to do 99.9% of things. The only thing I'd like is single sign-on authentication into their cloud platform so that my users can be properly authenticated against it."
"It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue."
"The server sometimes stops continuously to check things so it would be helpful to receive access updates or technical reasons."
"I would like to see ExtraHop Reveal(x) 360 improved by integrating XDR features with NDR."
"One challenge with ExtraHop Reveal(x) 360 is its pricing, which tends to be comparatively high in the marketplace."
"There needs to be more support."
"A drawback includes bucket storage limitations for payload data, necessitating timely extraction for thorough investigations."
"They can include integration with SAP. Currently, no vendor provides network performance monitoring in the SAP market. It is a very big market. We have around 400 customers for SAP in Korea. In the USA, there are more than 10,000 customers."
"Their professional service can be improved."
"Forescout Platform's technical support is slow to respond and could be more knowledgeable."
"Maybe the licensing and cost can be improved."
"Multitenancy should be included in the next version so it could be used as a managed service provider."
"I should be able to integrate my Forescout with any other third party security technology, to build that connected security strategy."
"The logging of Forescout is horrible compared to other things that we've used."
"Detection and control of Dual-Homed devices needs to be improved, as the product sometimes gives false positives."
"The console is a fat client, and a web interface would be preferable."
"There were many issues with deployment, but these were largely due to our own network architecture issues."
 

Pricing and Cost Advice

"The pricing is okay, although direct support can be expensive."
"The return on investment is from the user side because we have seen the performance of it increase the delivery time of the product if we are using too many web-based and on-premise applications. In indirect ways, we saw the return of investment in terms of performance and user satisfaction increase."
"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."
"I don't have any issues with the pricing. We are satisfied with the price."
"It is "expensive" and flexible."
"It has a yearly renewal."
"I feel it is fairly priced."
"When compared to other solutions, it aligns with the market average, indicating a competitive pricing level."
"We paid between $20,000 and $25,000 for a three-year license with maintenance."
"The cost of the solution depends on the customer's requirement because the customer is asking for different integration with a different product. Forescout Platform's price would start to get a bit higher. However, overall the price is a little expensive. It's can fit within the customer budget."
"For one license, we pay around 3,000 Indian rupees."
"The price of the Forescout Platform is expensive. I purchased it for approximately 94 lakhs."
"We might have paid in the ballpark of $20,000 yearly for our licenses. I do not recall there being other fees over and above the standard licensing fee."
"We have a very clear licensing model for business. I don't have to have a Ph.D. to be able to understand the licensing model as you might need for other solutions. If I know exactly what we want, it can tell you which license you need. The solution is easy for purchasing, ordering, and ease of deployment as well."
"The price of the solution is reasonable. We have paid for the license for five years. We have integration with Symantec AV for orchestration, and we have an additional license."
"The fact that we were allowed to spin up as many servers as we had need of to support our geographic requirements while paying for licensing as an enterprise truly set Forescout apart from the crowd and improved the way we could design our access."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Financial Services Firm
13%
Construction Company
9%
Manufacturing Company
8%
Comms Service Provider
7%
Manufacturing Company
12%
Financial Services Firm
11%
Government
7%
Computer Software Company
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise52
No data available
By reviewers
Company SizeCount
Small Business30
Midsize Enterprise10
Large Enterprise45
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
Ask a question
Earn 20 points
What advice do you have for others considering Forescout Platform?
Forescout is a very powerful NAC product that does not rely on port level configuration. It can detect and block unau...
What advice do you have for others considering Forescout Platform?
I would rate the Forescout Device and Visibility Control Platform at a six out of ten.
What advice do you have for others considering Forescout Platform?
I recommend doing a compression demo. If people use it, they will buy it. So they have to see the product in place. T...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
ExtraHop Reveal(X) Cloud, Reveal(X) Cloud
Forescout Platform, CounterACT for Endpoint Compliance, ForeScout CounterACT
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Wizards of the Coast
NHS Sussex, SAP, SEGA, Vistaprint, Miami Children's Hospital, Pioneer Investments, New York Law School, OmnicomGroup, Meritrust
Find out what your peers are saying about ExtraHop Reveal(x) 360 vs. Forescout Platform and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.