No more typing reviews! Try our Samantha, our new voice AI agent.

Kaspersky Next EDR Expert vs Uptycs comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 9, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Kaspersky Next EDR Expert
Ranking in Endpoint Detection and Response (EDR)
20th
Average Rating
8.2
Reviews Sentiment
6.5
Number of Reviews
51
Ranking in other categories
No ranking in other categories
Uptycs
Ranking in Endpoint Detection and Response (EDR)
51st
Average Rating
7.6
Reviews Sentiment
6.9
Number of Reviews
2
Ranking in other categories
Endpoint Protection Platform (EPP) (44th), Container Security (37th), Cloud Workload Protection Platforms (CWPP) (23rd), Extended Detection and Response (XDR) (39th), Cloud Security Posture Management (CSPM) (33rd), Cloud-Native Application Protection Platforms (CNAPP) (22nd), Cloud Detection and Response (CDR) (12th)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Kaspersky Next EDR Expert is 1.2%, down from 1.4% compared to the previous year. The mindshare of Uptycs is 0.5%, up from 0.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Kaspersky Next EDR Expert1.2%
Uptycs0.5%
Other94.7%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Ravi-Upadhyay - PeerSpot reviewer
Founder at Inspira Enterprise
Provides strong threat detection and response through behavior analytics and network isolation
I have found the most valuable features of Kaspersky Endpoint Detection and Response Expert to be its ability to tackle the biggest challenges customers face when they have to mitigate any kind of a malware, ransomware attack, or online theft scenarios. The solution utilizes its HIPS, which is the host intrusion prevention system, behavior analytics system, and device control mechanism, making the antivirus capabilities of EDR quite strong. It is able to detect zero-day threats as well as historical or legacy malware, providing protection against current threats in the market and legacy malware. My opinion on the advanced threat detection algorithms in Kaspersky Endpoint Detection and Response Expert is that the ATP functionality is quite strong because it utilizes the behavioral analytics engine in the backend, which employs machine learning mechanisms to identify any kind of vulnerability or exploit running on the operating system level and the network level. If an attack is about to happen on the endpoint, it is able to protect over the network as well and checks for any illegitimate encryption activities. The machine learning capability within Kaspersky Endpoint Detection and Response Expert has contributed to improving detection accuracy and reducing false positives in my environment by helping me identify malicious activity and differentiate between any malicious activity on the operating system level and on the network level. I have seen customers with in-house developed applications that have no public signatures available. Once I whitelist a particular application, it intelligently whitelists not only the executable but also all the dependent services required to run that application. Furthermore, Kaspersky Endpoint Detection and Response Expert has successfully blocked network-level attacks on the endpoint. For example, during a recent DoS attack aimed at choking the entire network, Kaspersky detected the attack, isolated the device in a sandbox network, and alerted my SOC team via email for corrective action, thereby proactively helping me detect and protect devices from malicious attacks.
SangramGupta - PeerSpot reviewer
Security Consultant at Deloitte
Centralized visibility has improved risk-based vulnerability management but onboarding still needs simplification
From my perspective, the features of Uptycs that stand out more for my projects and organization are the vulnerability management, endpoint visibility, and asset inventory management features. I can share two specific outcomes that show this positive impact using Uptycs. First, it reduces significant time and effort from the asset inventory point of view because previously I needed to scan all of the assets which were in scope, but now I only scan those assets that are currently active and in scope, and the CMDB and asset inventory receive proper updates of those assets. Secondly, in vulnerability prioritization, I receive all the prioritized vulnerabilities so I can prioritize and mitigate or remediate them as soon as possible, which reduces the overall time of remediation as well.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature of Cortex XDR by Palo Alto Networks is its machine-learning capabilities. Additionally, there is full integration with other solutions."
"It's very stable. I've never experienced downtime for the ASM console or ASM core."
"It blocks malicious files, prevents attacks, and doesn't require many updates because it is a very light application."
"It collects and caches and the knowledge of machine learning from different customers to take to the cloud, it makes it better to use for everybody, it allows for quick learning and updates and can, therefore, offer zero-day malware security, and this sharing of metadata helps make the solution very safe."
"My advice for others looking into using Cortex is that it is very easy to use and very useful for the customer environment, whether it's a public or private one."
"I have found the solution to be very easy in respect of the integration and configurable."
"The information the dashboard provides is very clear."
"Cortex XDR by Palo Alto Networks has changed the way my security team detects, investigates, and responds to threats, as we are able to see the files, unwanted files, unsecured files, and unauthorized files, so we are quarantining them."
"The most valuable feature of Kaspersky Endpoint Detection and Response is security, as it has better security than other solutions, such as Symantec."
"Provides web and DNS protection over https."
"Version 14.0 comes with an SQL database, which gives great flexibility on control, reviewing logs, and viewing history."
"It is easy to manage."
"Kaspersky is useful for detecting zero-day attacks."
"We like the automated change of policies, given some scenarios, and you can rely upon your automated policies being activated if you need to, giving you good protection when you are under attack or when ransomware is spreading across your network."
"The stability of the product is great."
"The most valuable features are the reports."
"I have seen a return on investment from using Uptycs, saving almost 25 to 30 percent in terms of asset investigations or asset inventory management and vulnerability prioritization, which is significant."
"They have multiple great features."
 

Cons

"A better pricing plan would make this product more competitive."
"In general, the price could be more competitive."
"I don't like that they have different types of licenses. For example, if users select a license, they think they will have all the platforms they need to improve their network or security. But after some time, Palo Alto Networks changed their licensing, and some of the features that, for example, were free at the beginning now have a cost. I think the integration can be improved. For example, a lot of tools are just integrated through APIs."
"Being able to filter the events to see those that are related to the actual alert would save time spent by the engineer."
"They are charging for Network Traffic Analyzer (NTA) services, so if the per GB data could be provided at a certain level free of cost or at the same cost which the customer is taking for the entire bundle, that would be better."
"The product's pricing could be better."
"It would be better if they could educate the customers more. Some sort of seminars and roadshows will help educate the customers and show what the product can do. The price could be better. It would also help if they had a team for deployment and support."
"There are some third-party solutions that are difficult to integrate with, which is something that can be improved."
"The solution is expensive in comparison to CheckPoint and Fortinet."
"Kaspersky Endpoint Detection and Response Expert needs to include a traffic interface."
"If a customer wants to use Kaspersky on-prem, they'll need to spend a lot on the hardware. Their server must be strong because EDR is a heavy product. You need excellent hardware to run it. It might make sense to deploy the solution in the cloud. If they add features, it will only make the product heavier and increase the hardware costs."
"Could include some additional protection."
"They could provide a source of visualization for the product."
"The system can be heavy, slowing down performance."
"Kaspersky Endpoint Detection and Response should continue to improve its protection while adapting to the changing threat ecosystems. Having more advanced features would be a benefit."
"It consumes many system resources, and there should be more EDR details."
"We end up facing a lot of issues after upgrades."
"Regarding improvements for Uptycs, I suggest simplified onboarding for complex cloud environments because the current onboarding method is complex and requires checks with the support team."
 

Pricing and Cost Advice

"Cortex XDR’s pricing is very reasonable."
"It has a yearly renewal."
"We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."
"The return on investment is from the user side because we have seen the performance of it increase the delivery time of the product if we are using too many web-based and on-premise applications. In indirect ways, we saw the return of investment in terms of performance and user satisfaction increase."
"The price is on the higher side, but it's okay."
"The cost depends on your chosen license type, like Pro or other licenses."
"The pricing seems fair, and I do like the licensing model. You use wherever they are, and it is elastic."
"When we first bought it, it was a bit expensive, but it was worth it. The licensing was straightforward."
"We were on a three-year license to use Kaspersky Endpoint Detection and Response. The price could be better."
"The product has a valuable pricing model. We need to purchase its monthly subscription."
"The pricing is reasonable. Not too cheap, not too expensive."
"The solution's cost is reasonable compared to other vendors."
"The solution is expensive in comparison to CheckPoint and Fortinet."
"Pricing for Kaspersky Endpoint Detection and Response is so-so when you compare it with its competitors. Its pricing isn't cheap nor expensive."
"The price of Kaspersky Endpoint Detection and Response is in the middle range compared to competitors. The pricing model is based on the users using the solutions. The cost for us is approximately 2200 Algerian dinars. The price of the solution could be reduced."
"The solution’s pricing is okay."
Information not available
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Financial Services Firm
10%
Construction Company
9%
Computer Software Company
9%
Comms Service Provider
9%
Financial Services Firm
19%
Construction Company
13%
Insurance Company
6%
Transportation Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business30
Midsize Enterprise4
Large Enterprise18
No data available
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What needs improvement with Kaspersky Endpoint Detection and Response Expert?
The user interface of Kaspersky Endpoint Detection and Response Expert could be more intuitive, and I would appreciat...
What is your primary use case for Kaspersky Endpoint Detection and Response Expert?
My usual use cases for Kaspersky Endpoint Detection and Response Expert involve detecting ransomware earlier and proa...
What needs improvement with Uptycs?
Regarding improvements for Uptycs, I suggest simplified onboarding for complex cloud environments because the current...
What is your primary use case for Uptycs?
I use Uptycs as part of cloud security threat detection, vulnerability management, and security operations initiative...
What advice do you have for others considering Uptycs?
My advice for others looking into using Uptycs is that if you are looking for a centralized solution for all security...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Kaspersky EDR
No data available
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Ferrari, Insolar, Tael, Republic of Serbia
Comcast, Crossbeam, Flexport, Greenlight Financial, Lookout Security, PayNearMe
Find out what your peers are saying about Kaspersky Next EDR Expert vs. Uptycs and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.