
ExtraHop Reveal(x) 360 vs Kaspersky Next XDR Optimum comparison

 

Comparison Buyer's Guide

Executive Summary
Updated on Apr 9, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net... (Sponsored)
Ranking in Extended Detection and Response (XDR): 4th
Average Rating: 8.4
Reviews Sentiment: 6.8
Number of Reviews: 113
Ranking in other categories: Endpoint Protection Platform (EPP) (4th), Endpoint Detection and Response (EDR) (6th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)

ExtraHop Reveal(x) 360
Ranking in Extended Detection and Response (XDR): 29th
Average Rating: 8.6
Reviews Sentiment: 6.8
Number of Reviews: 5
Ranking in other categories: Intrusion Detection and Prevention Software (IDPS) (17th), Container Security (35th), Network Traffic Analysis (NTA) (10th)

Kaspersky Next XDR Optimum
Ranking in Extended Detection and Response (XDR): 14th
Average Rating: 8.0
Reviews Sentiment: 7.2
Number of Reviews: 124
Ranking in other categories: Endpoint Protection Platform (EPP) (11th), Endpoint Compliance (5th), Endpoint Detection and Response (EDR) (21st)
 

Mindshare comparison

As of July 2026, in the Extended Detection and Response (XDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 4.6%, down from 5.1% compared to the previous year. The mindshare of ExtraHop Reveal(x) 360 is 1.0%, up from 0.4% compared to the previous year. The mindshare of Kaspersky Next XDR Optimum is 1.5%, down from 3.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR) Mindshare Distribution
Product | Mindshare (%)
Cortex XDR by Palo Alto Networks | 4.6%
Kaspersky Next XDR Optimum | 1.5%
ExtraHop Reveal(x) 360 | 1.0%
Other | 92.9%
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IaC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They now have Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a much better and more mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
reviewer2857197 - PeerSpot reviewer
Lead IT Service Analyst at a manufacturing company with 10,001+ employees
Cloud-native threat detection has improved incident investigations and now reduces breach risk
We have covered most of the features over the past three years and look forward to discovering more as we work closely with the ExtraHop technical team, who are open to sharing what they have developed. Pricing is on the higher side, typically based on load, volume of traffic, and deployment scale. The advanced detection capabilities provide significant value in reducing investigation time, making the licensing and pricing acceptable for larger organizations. ExtraHop Reveal(x) 360 has undeniably improved our security posture, reduced manual investigation efforts, and facilitated fast threat detection mechanisms, which all help prevent costly potential breaches in enterprise environments. ExtraHop Reveal(x) 360's SaaS environment is well-suited for cloud, on-premises, and hybrid environments, effectively addressing real-life scenarios involving east-west and north-south traffic. The platform is recommended for large organizations in need of comprehensive detection capabilities. I would rate this product overall as an 8 out of 10.
SR
Group CIO at Thal Industries Corporation Ltd
Have maintained strong endpoint protection through behavioral analysis and daily monitoring
I previously mentioned that Kaspersky Endpoint Security for Business doesn't have built-in DLP, which was a concern. I think they could add it in the future; however, antivirus cannot provide a proper DLP solution, but they can offer a mix of DLP, similar to Trend Micro Apex One, which provides some sort of DLP file management. Nonetheless, we need a proper DLP solution such as Forcepoint or Symantec, whichever suits us. We'll be conducting performance evaluation in the next quarter while working on other projects. More value means a better GUI, user interface, and comprehensive reporting capabilities. In Sophos, we receive a daily system-generated report about what is happening, plus an alert system. The reporting system in Trend Micro is also excellent; I receive an email every day at 10:00 AM with a report for the last 24 hours.

Quotes from Members

 

Pros

"Monitoring is most valuable."
"Traps has drastically reduced our endpoint attack surface via advanced detection capabilities, sandboxing of never before seen programs, and by drastically limiting where executables can launch in the first place."
"The product's most valuable features are massive user and feature intelligence exploit detection."
"The normal protection was really effective, and we detected situations that if we didn't have Cortex XDR by Palo Alto Networks, it's highly likely that we would have been affected, but it protected the infrastructure."
"The tool's use cases are relevant to security."
"The solution allows us to make investigations. Other XDR solutions also provide similar capabilities but for investigation, Cortex XDR is better."
"There are a lot of lead solutions in this space, however, Palo Alto is number one."
"The most valuable aspect of Cortex XDR by Palo Alto Networks for me is its integration with AI detection, where we get to know the behavioral detection based on users, traffic patterns, and different services that we consume."
"It stands out for its intuitive and efficient user interface, robust detection capabilities with minimal false positives, and the ability to handle encrypted traffic, making it a valuable asset for network security and management."
"Their technical support is more effective and of better quality than other competitors."
"ExtraHop Reveal(x) 360 has positively impacted my organization by helping us detect abnormal activity on our network that we could not detect through our SIEM or XDR platform."
"It is scalable."
"ExtraHop Reveal(x) 360 has undeniably improved our security posture, reduced manual investigation efforts, and facilitated fast threat detection mechanisms, which all help prevent costly potential breaches in enterprise environments."
"It is very easy to collect and handle data in ExtraHop Reveal(X) Cloud. Integration with Big Data is also easy. Many of our customers integrate it with Big Data platforms like Splunk or Elastic. It is also easy to handle and easy to understand."
"The solution offers many useful features and there is excellent integration with the app directory."
"I am impressed with the tool's main dashboard, anti-malware application blocking, DDoS, etc."
"The most valuable features include the ability to upgrade and update all users from one console and to install the solution remotely."
"It is very reliable, user-friendly endpoint security software."
"The solution offers a very good antivirus if we compare it with other anti-viruses such as McAfee."
"It integrates well across different operating systems, including mobile devices like Android and Mac. It effectively manages firewalls, particularly with Fortinet, enhancing overall security posture."
"As much as the solution is an endpoint product, it provided good security."
"The policies are easy to make and controlled by the Kaspersky Administrative Security Center, which comes at no additional costs."
 

Cons

"The solution lacks real-time, on-demand antivirus."
"The solution should enhance the ADR and reporting."
"The Mac agent is not as robust feature-wise as the PC version."
"Previously, the endpoint would leave the environment, not being on our VPN, essentially unable to interact with the server to upload files. It was unable to retrieve new file verdicts. It was using a thing called "local analysis" to determine if something was a malicious file or not. There was no dynamic analysis."
"When it comes to core analysis, and security analysis, Cortex needs to provide more information."
"A little bit more automation would be nice."
"I don't like that they have different types of licenses. For example, if users select a license, they think they will have all the platforms they need to improve their network or security. But after some time, Palo Alto Networks changed their licensing, and some of the features that, for example, were free at the beginning now have a cost. I think the integration can be improved. For example, a lot of tools are just integrated through APIs."
"It would be good if they could make an exception for applications. Sometimes, it can be a bit of a challenge to make exceptions for certain applications that have been used as rogue."
"A drawback includes bucket storage limitations for payload data, necessitating timely extraction for thorough investigations."
"Their professional service can be improved."
"One challenge with ExtraHop Reveal(x) 360 is its pricing, which tends to be comparatively high in the marketplace."
"There needs to be more support."
"I would like to see ExtraHop Reveal(x) 360 improved by integrating XDR features with NDR."
"They can include integration with SAP. Currently, no vendor provides network performance monitoring in the SAP market. It is a very big market. We have around 400 customers for SAP in Korea. In the USA, there are more than 10,000 customers."
"The licensing is yearly based. It is expensive, it could be cheaper, so I think the solution's pricing could be better."
"It would be ideal if the solution offered more documentation."
"The deployment could be better. Recently when I tried to deploy it I received a large number of failures."
"In the past, Kaspersky had different solutions for the clients and servers. We are using another product from Trend Micro that will integrate these products, which is better than having different solutions."
"The performance is not very good. It's acceptable with the security."
"Malware protection for Kaspersky should be revolutionized, where they no longer work with signatures, but with more advanced ways of detecting malware, such as Cylance or Traps from Palo Alto."
"There have been some performance issues. They provide good security, but this slows down the performance of machines' servers. The software is not updating as frequently as we need."
"When we connect to the solutions' website they block out our VPN connection, which causes us some difficulties."
 

Pricing and Cost Advice

"The cost of Cortex XDR by Palo Alto Networks is $55 to $90 USD per endpoint per month."
"The cost depends on your chosen license type, like Pro or other licenses."
"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"Our customers have expressed that the price is high."
"The pricing is a little bit on the expensive side."
"The price was fine."
"I don't like that they have different types of licenses."
"I don't have any issues with the pricing. We are satisfied with the price."
"When compared to other solutions, it aligns with the market average, indicating a competitive pricing level."
"I find the solution to be inexpensive compared to other solutions like CrowdStrike."
"We have been using a yearly subscription and feel that pricing could be better. Perhaps, discounts could be given, during the renewal process, to those who have been customers for some time."
"I prefer paying for a yearly license because it has some discounts. One of the companies I work for pays for the Business Select license, for 100 users."
"The licensing is based per agent. You can get discounts if you have more agents."
"It is a cost-effective product."
"I received a very good deal with Kaspersky."
"The tool is too expensive compared to other products."
"I think the price of this solution is good."
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews

Construction Company: 12%
Financial Services Firm: 11%
Manufacturing Company: 10%
Comms Service Provider: 9%

Financial Services Firm: 13%
Construction Company: 9%
Manufacturing Company: 8%
Comms Service Provider: 7%

Construction Company: 9%
Manufacturing Company: 9%
Financial Services Firm: 8%
Comms Service Provider: 7%
 

Company Size

By reviewers
Company Size | Count
Small Business | 46
Midsize Enterprise | 21
Large Enterprise | 52

No data available

By reviewers
Company Size | Count
Small Business | 63
Midsize Enterprise | 27
Large Enterprise | 33
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What needs improvement with Kaspersky Endpoint Security?
Kaspersky Endpoint Security for Business does not have encryption tools. It uses the Windows BitLocker tool, which is...
What is your experience regarding pricing and costs for Kaspersky Endpoint Security for Business?
The pricing and licensing cost of Kaspersky Endpoint Security is cheaper compared to Trend Micro.
What is your primary use case for Kaspersky Endpoint Security for Business?
I have good experience in the sales part of Kaspersky Endpoint Security for Business, not the technical side. I am no...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
ExtraHop Reveal(X) Cloud, Reveal(X) Cloud
Kaspersky Work Space Security, Kaspersky Endpoint Security
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Wizards of the Coast
ACMS, Arqiva, Pakistan International Airlines, RAO UES
Find out what your peers are saying about ExtraHop Reveal(x) 360 vs. Kaspersky Next XDR Optimum and other solutions. Updated: June 2026.