No more typing reviews! Try our Samantha, our new voice AI agent.

Lookout vs Red Canary comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Lookout
Ranking in Endpoint Detection and Response (EDR)
53rd
Average Rating
7.6
Reviews Sentiment
7.1
Number of Reviews
3
Ranking in other categories
Threat Intelligence Platforms (TIP) (26th), Mobile Threat Defense (3rd)
Red Canary
Ranking in Endpoint Detection and Response (EDR)
37th
Average Rating
9.0
Reviews Sentiment
7.7
Number of Reviews
7
Ranking in other categories
Advanced Threat Protection (ATP) (24th), Managed Detection and Response (MDR) (12th), Risk-Based Vulnerability Management (16th)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Lookout is 0.8%, up from 0.4% compared to the previous year. The mindshare of Red Canary is 0.7%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Red Canary0.7%
Lookout0.8%
Other94.9%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
DB
IT Manager at NHS Trust
Enhanced mobile security with visibility into app and website usage, but installation challenges remain
We use Lookout for mobile devices, such as phones It has reduced our risk around mobile devices. I like the security features and being able to see what apps and websites people are using. There is nothing we have come across that we've desired. We have been using Lookout for one year. The…
JH
Head of Information Security and Privacy at Ovative Group
Gained trusted 24/7 threat coverage and now focus security efforts on architecture and design
In my experience, the best features Red Canary offers are their team, their monitoring team, their expertise at incident investigation, and a focus on suspicious or actual indicators of compromise to ensure that we're not spending time just reviewing logs, but that we're actually looking at things that may indicate we have broader issues. The Red Canary team's expertise stands out compared to others I've worked with because their team is organized into smaller pods that support a given number of clients, so they're not just a bevy of operators going around the clock. The teams themselves have coordination and cohesion, and they get to know us. Their integrations into the different platforms and systems that we use all line up with our needs, whereas a number of other platforms offered a different variety of integrations that did not line up with our requirements. Red Canary has positively impacted my organization because I don't have to spend and hire resources to look at logs, which has enabled us to do much more in terms of improving security across the organization. With the freed-up resources, we've been able to implement CSPM, SAST, software testing tooling, and engage much more closely with our developers and engineers to focus on secure architecture and design.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"After installing this solution, it identified, blocked, and provided the complete attack chain, which was very helpful."
"Traps is quite a stable product. Once it was properly deployed and configured, you have nothing to be worried about."
"The level of security I get for my endpoints and servers is extremely valuable."
"We think that this product will help us grow, as it meets our needs currently and we can grow with it over time."
"The product's initial setup phase is very easy."
"It's very stable. I've never experienced downtime for the ASM console or ASM core."
"Its interface and pricing are most valuable, and it is better than other vendors in terms of security."
"After deploying Traps, we saw the performance of the network improve by 65 to 70 percent."
"We have not had any issues with bugs or breakdowns."
"The protection offered by the product is the most valuable feature. It detects vulnerabilities or traps on our users' phones and then prompts them to clean up their devices. Tools we used previously would only discover, which required us to gather information on the backend, so Lookout is a welcome upgrade."
"The most valuable features are the antivirus as a whole, the anti-malware, and all of the protection features that scan our enterprise devices."
"The valuable features of this solution are it integrates well with different EDR software, such CrowdStrike, and Carbon Black, and the information it provides is helpful."
"Red Canary has impacted my organization positively because we treat any ticket triggered by them as high priority due to the fact that 99 percent of the time it is a true positive."
"The near real-time review translates into near real-time action. So, in addition to alerting, Red Canary MDR has response playbooks built out."
"I recommended Red Canary to my friends who work in other organizations."
"The solution works well for what we use it for and the support and protection are good."
"The most valuable feature of the solution is its automation part."
"I am satisfied with this solution and it is very competitive with other similar EDR or MDR solutions because it provides very impressive information about the root cause of the threat, such as malware."
"Red Canary has positively impacted my organization because I don't have to spend and hire resources to look at logs, which has enabled us to do much more in terms of improving security across the organization."
 

Cons

"Cortex XDR by Palo Alto Networks could improve its user interface, which is more complicated compared to competitors such as SentinelOne."
"This is a very costly product."
"Although I would say this product is highly-rated, it could probably do more because nothing does everything that you want."
"Cortex XDR by Palo Alto Networks is a very good product, but financially, it is very expensive, so the company should look into that area."
"Cortex XDR by Palo Alto Networks is not only pricey; it is extremely expensive."
"Impact on system performance is horrible, adding a lot of delays for users."
"In an upcoming release, the solution could improve by proving hard disk encryption. If it could support this it would be a complete solution."
"Palo Alto Networks Cortex XDR does not detect malicious activity like in other anti-virus solutions like Trend Micro and Windows with Cisco."
"From the analysis that we've done, they do seem to be maybe a step behind in trying to enter the market with a new solution. But when they do pick up, they do come out with some good products."
"We just submitted an enhancement request reflecting the main area we want to see improvement in; the APIs. Currently, we're able to build dashboards, but it's somewhat backward because we use our MDM API to create them. Lookout should provide API to customers so we can query our data and use it in our cloud, and this is the only outstanding area for improvement with the product right now."
"The initial setup requires a little bit of experience with configuration."
"In general, the solution currently fails to provide a summary to its users."
"The most valuable feature of Red Canary MDR is the overall threat protection it provides."
"Red Canary's pricing spectrum may not be ideal for smaller financial institutions."
"The price could always be better."
"Red Canary can be improved by continuing to add new features and capabilities to what they are looking at, including the types of data they're looking at and the types of systems that they're integrating with."
"I wish Red Canary could have a graph that shows the endpoint, user, and how it spreads, providing a visual representation to easily identify what happened."
"I would like there to be an on-premise version of this solution for our data centers because of the proliferation of online threats."
 

Pricing and Cost Advice

"The pricing is a little high. It is per user per year."
"It is "expensive" and flexible."
"The solution has one subscription for endpoint protection and one subscription for detection and response. The two licenses combined give you the BRO version."
"The pricing seems fair, and I do like the licensing model. You use wherever they are, and it is elastic."
"If one wishes to work with another team or large number of users at a future point, he must purchase a license for them."
"The return on investment is from the user side because we have seen the performance of it increase the delivery time of the product if we are using too many web-based and on-premise applications. In indirect ways, we saw the return of investment in terms of performance and user satisfaction increase."
"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"I don't have any issues with the pricing. We are satisfied with the price."
"Lookout is definitely on the lower end when it comes to price point and that seems to be the only differentiator. The technology is in place in this space and it's really about who is coming in at the better price point now."
"The pricing is fair; it's comparable to our previous solution, and we carried out multiple POCs and POVs (proof of value). The product is worth the money we pay for it."
"I have not compared Red Canary to other solutions to know if the price is high or low. However, I have found the price of this solution fair and reasonable, it cost approximately $100 per year, per device. If they could provide the solution for $50 per year, per device, it would be better."
"The solution could vary in price depending on how many endpoints a company has."
"Red Canary MDR I use is an open-source tool."
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Manufacturing Company
12%
Financial Services Firm
10%
Construction Company
10%
Government
9%
Financial Services Firm
9%
Construction Company
8%
Manufacturing Company
8%
Computer Software Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business2
Large Enterprise5
By reviewers
Company SizeCount
Small Business6
Large Enterprise2
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What is your experience regarding pricing and costs for Lookout?
The pricing is a little expensive. We are currently looking at comparisons with other solutions, including Umbrella.
What needs improvement with Lookout?
There is nothing we have come across that we've desired.
What is your primary use case for Lookout?
We use Lookout for mobile devices, such as phones.
What needs improvement with Red Canary MDR?
Red Canary can be improved by continuing to add new features and capabilities to what they are looking at, including ...
What is your primary use case for Red Canary MDR?
My main use case for Red Canary is to ensure I can sleep at night by getting 24/7 coverage by a capable team to inves...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
CipherCloud
Red Canary Managed Detection and Response (MDR)
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Information Not Available
DuPont, Quanta Services, Microchip Technology, Hopkins Public Schools, Henny Penny, Schumacher Homes
Find out what your peers are saying about Lookout vs. Red Canary and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.