No more typing reviews! Try our Samantha, our new voice AI agent.

Forescout Platform vs Uptycs comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Extended Detection and Response (XDR)
4th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
113
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Endpoint Detection and Response (EDR) (6th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Forescout Platform
Ranking in Extended Detection and Response (XDR)
35th
Average Rating
8.4
Reviews Sentiment
6.5
Number of Reviews
79
Ranking in other categories
Network Access Control (NAC) (6th), IoT Security (5th), Endpoint Compliance (2nd)
Uptycs
Ranking in Extended Detection and Response (XDR)
39th
Average Rating
7.6
Reviews Sentiment
6.9
Number of Reviews
2
Ranking in other categories
Endpoint Protection Platform (EPP) (44th), Container Security (37th), Endpoint Detection and Response (EDR) (51st), Cloud Workload Protection Platforms (CWPP) (23rd), Cloud Security Posture Management (CSPM) (33rd), Cloud-Native Application Protection Platforms (CNAPP) (22nd), Cloud Detection and Response (CDR) (12th)
 

Mindshare comparison

As of July 2026, in the Extended Detection and Response (XDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 4.6%, down from 5.1% compared to the previous year. The mindshare of Forescout Platform is 1.2%, up from 0.6% compared to the previous year. The mindshare of Uptycs is 0.7%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks4.6%
Forescout Platform1.2%
Uptycs0.7%
Other93.5%
Extended Detection and Response (XDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
AshishKumar Rai - PeerSpot reviewer
Security Consultant at a tech vendor with 10,001+ employees
Comprehensive visibility has strengthened endpoint control and automated threat response across networks
When it comes to improving Forescout Platform, I have faced some issues recently, particularly with the switch integration part. When integrating a switch, it asks for the vendor type, and often it does not match. For example, one series of HP switches may not be found in that vendor list. This leads to frustration because you have to check again with different HP models, and once you integrate a switch, you cannot edit the vendor list without removing it. Other issues are being worked on, particularly related to switch integration. I believe they will be fixed in the next upgrade or patch fix. There are no major issues, but the configuration changes needed for the switch model are necessary, and I think it would help if during integration, an admin user could check the password or credential used, as they currently cannot see the password after it is entered and saved.
SangramGupta - PeerSpot reviewer
Security Consultant at Deloitte
Centralized visibility has improved risk-based vulnerability management but onboarding still needs simplification
From my perspective, the features of Uptycs that stand out more for my projects and organization are the vulnerability management, endpoint visibility, and asset inventory management features. I can share two specific outcomes that show this positive impact using Uptycs. First, it reduces significant time and effort from the asset inventory point of view because previously I needed to scan all of the assets which were in scope, but now I only scan those assets that are currently active and in scope, and the CMDB and asset inventory receive proper updates of those assets. Secondly, in vulnerability prioritization, I receive all the prioritized vulnerabilities so I can prioritize and mitigate or remediate them as soon as possible, which reduces the overall time of remediation as well.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Palo Alto is the best security solution in the market."
"Cortex XDR is a simple platform that's easy for administrators and users. You have a lot of flexibility to change or customize the features."
"Cortex XDR can integrate the firewalls and determine the tendencies of the attacks. It's a new generation antivirus, with protection endpoints and detection response. It is very easy to use and everybody can operate the solution."
"It collects and caches and the knowledge of machine learning from different customers to take to the cloud, it makes it better to use for everybody, it allows for quick learning and updates and can, therefore, offer zero-day malware security, and this sharing of metadata helps make the solution very safe."
"The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind."
"One of the things that I enjoy the most is using policy extensions. It's like having host firewalls to control USB connections. I think it's a wonderful tool to restrict use when connecting to our computers. Another important tool is Home Insights. That is an add-on to the Cortex solution. I like that because we can see all the vulnerabilities in the environment and control what assets are connected to our network."
"Traps is quite a stable product. Once it was properly deployed and configured, you have nothing to be worried about."
"It's very stable. I've never experienced downtime for the ASM console or ASM core."
"The compliance aspects of the solution are excellent and one of the solution's best features."
"I help customers use the Forescout Platform for compliance enforcement. We can specify what needs to be installed on devices connecting to the network, like antivirus, updates, and security software."
"Forescout Platform provides multiple features. They have a very effective device fingerprinting in their cloud. You do not need to add any devices manually, such as in Mac devices. Other solutions you have to add IoT devices and OT devices manually. This is one of the major areas that Forescout Platform is excelling in."
"Forescout Platform has granular features and one of the most impressive features is the agentless feature."
"Ease of deployment There's a great support team that becomes actively engaged whenever we encounter issues. Their technical support is amazing. Good documentation is available. The product is stable. The solution is highly scalable. I recommend using the solution because it gives verified control over the environment. It has a great visibility feature."
"Customer service is above average and technical support is above average."
"The main feature, the NAC engine, is very flexible since ForeScout CounterACT doesn’t need the use of 802.1x and can work with almost all switch vendors."
"The most valuable feature is the blocking of USB devices."
"They have multiple great features."
"I have seen a return on investment from using Uptycs, saving almost 25 to 30 percent in terms of asset investigations or asset inventory management and vulnerability prioritization, which is significant."
 

Cons

"The solution should add unwanted malicious hash values to a block list so that whenever the action is triggered, it will automatically prevent the malicious content."
"This is a very costly product."
"The product's pricing could be better."
"A little bit more automation would be nice."
"The solution should offer more dashboards and they should be better customized."
"Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth."
"The tool needs to be improved in terms of integration and interface."
"Cortex does not offer an on-premises solution. However, some customers would prefer not to be on the cloud. It would be ideal if it could offer something on-prem as well."
"The logging of Forescout is horrible compared to other things that we've used."
"The installation is not secure because it takes high admin privileges."
"The biggest disadvantage is the pricing."
"Custom integrations need to be better. I'd like to have the option, for example, to integrate the Forescout Platform with a customized application or any other software out there that I am using at the same time."
"The solution does have a bit of complexity, and there's some complexity in the deployment. Users need to be trained before undertaking an initial setup."
"The security features can be improved because we use it for sensitive information, such as compliance."
"I'd like to see improvements in the reporting aspect of Forescout Platform. While the dashboards are good, the reports are lacking and need enhancement, especially in terms of standardization and customization options. Apart from that, all the features and functionalities are working well without any issues."
"Since the costs continually go up with each new endpoint, we don't really see an ROI."
"Regarding improvements for Uptycs, I suggest simplified onboarding for complex cloud environments because the current onboarding method is complex and requires checks with the support team."
"We end up facing a lot of issues after upgrades."
 

Pricing and Cost Advice

"If one wishes to work with another team or large number of users at a future point, he must purchase a license for them."
"The price is on the higher side, but it's okay."
"This is an expensive solution."
"When we first bought it, it was a bit expensive, but it was worth it. The licensing was straightforward."
"Cortex XDR's pricing is ok."
"The solution has one subscription for endpoint protection and one subscription for detection and response. The two licenses combined give you the BRO version."
"I did PoCs on products called Cylance and CrowdStrike. Although, I consider these products and they were also good, when it come to cost and budgetary factors, Traps has been proven to be better than the other two products. It is quite cost-effective and delivers all the entire solution which we require."
"Cortex XDR’s pricing is very reasonable."
"We went with the virtual appliance option. The biggest cost to running these types of appliances would be to either have multiple virtual appliances at every data center or running Remote SPAN hardware to provide you the real-time network visibility."
"It is expensive because you have to pay for their CSM, the customer's access manager, and their professional services on top of that, and they charge you roughly $400 per hour, which is overhead."
"For one license, we pay around 3,000 Indian rupees."
"They base the license on the number of devices, which is quite misleading."
"You can have a flexible license depending on your environment."
"The Forescout Platform's pricing is in the middle range, not too cheap or expensive."
"The price of the solution is reasonable. We have paid for the license for five years. We have integration with Symantec AV for orchestration, and we have an additional license."
"The solution is not priced low. There are no hidden costs."
Information not available
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Manufacturing Company
12%
Financial Services Firm
11%
Government
7%
Computer Software Company
6%
Financial Services Firm
19%
Construction Company
13%
Insurance Company
6%
Transportation Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise52
By reviewers
Company SizeCount
Small Business30
Midsize Enterprise10
Large Enterprise45
No data available
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What advice do you have for others considering Forescout Platform?
Forescout is a very powerful NAC product that does not rely on port level configuration. It can detect and block unau...
What advice do you have for others considering Forescout Platform?
I would rate the Forescout Device and Visibility Control Platform at a six out of ten.
What advice do you have for others considering Forescout Platform?
I recommend doing a compression demo. If people use it, they will buy it. So they have to see the product in place. T...
What needs improvement with Uptycs?
Regarding improvements for Uptycs, I suggest simplified onboarding for complex cloud environments because the current...
What is your primary use case for Uptycs?
I use Uptycs as part of cloud security threat detection, vulnerability management, and security operations initiative...
What advice do you have for others considering Uptycs?
My advice for others looking into using Uptycs is that if you are looking for a centralized solution for all security...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Forescout Platform, CounterACT for Endpoint Compliance, ForeScout CounterACT
No data available
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
NHS Sussex, SAP, SEGA, Vistaprint, Miami Children's Hospital, Pioneer Investments, New York Law School, OmnicomGroup, Meritrust
Comcast, Crossbeam, Flexport, Greenlight Financial, Lookout Security, PayNearMe
Find out what your peers are saying about Forescout Platform vs. Uptycs and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.