Try our new research platform with insights from 80,000+ expert users

McAfee ePolicy Orchestrator vs Palo Alto Networks Cortex XSOAR comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 5, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

McAfee ePolicy Orchestrator
Ranking in Security Orchestration Automation and Response (SOAR)
15th
Average Rating
8.0
Reviews Sentiment
6.6
Number of Reviews
42
Ranking in other categories
No ranking in other categories
Palo Alto Networks Cortex X...
Ranking in Security Orchestration Automation and Response (SOAR)
2nd
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
47
Ranking in other categories
SOC as a Service (2nd)
 

Mindshare comparison

As of July 2025, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of McAfee ePolicy Orchestrator is 0.7%, down from 0.7% compared to the previous year. The mindshare of Palo Alto Networks Cortex XSOAR is 10.4%, down from 12.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

Binu Haneef - PeerSpot reviewer
Comprehensive security management enabled through efficient integration and automation
McAfee ePolicy Orchestrator helps automate routine security tasks. We created customized automation. For example, when we did not have an EDR or XDR solution, we created tasks exclusively for detection and response automation and automatic segregation of infected PCs. The ability to customize the dashboard in McAfee ePolicy Orchestrator helps us significantly. The main feature is automation for auto-segmentation and segregation. As we are in an AI era, McAfee can focus on AI tools. Instead of putting manual effort into each security-related task, it can implement more advanced automation using AI. This enhancement could improve cybersecurity significantly. Regarding the reporting area in McAfee ePolicy Orchestrator, we are satisfied with what we currently have. Our cybersecurity team needs customized reports beyond the default ones. We have more than 20 separate reports for identifying threats, managing, and understanding the security posture of our company and assets.
NikhilSharma2 - PeerSpot reviewer
Ability to multiple playbooks to fetch data from multiple firewalls and utomated several tasks, including vulnerability scans and SOCL (Security Orchestration, Automation
Recently, they started implementing microservices in XSOAR, which has improved quality and addressed previous issues. However, they should focus more on licensing costs. The user licensing fees are quite high. For example, I received a quote for XSOAR, and it was $12,000 per user per year. If you have a SOC team of 30 members/analysts, you're looking at a substantial expense. They should consider reducing these costs since this high pricing seems to be more about profit. So, there is room for improvement in the pricing. Moreover, the reporting and dashboard features are decent but could be improved. The user interface (UI) is quite heavy and takes time to load, which is a major drawback.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"You have to have some experience, however, it's pretty simple to understand."
"I really like the auditing component because it really looks at exactly what has happened on the network."
"The graphical interface of the solution is its most valuable aspect."
"Application control and traffic encryption are the most valuable features."
"The advantages of McAfee ePolicy Orchestrator include being a centralized management console, which we possess when managing multiple solutions in Trellix DLP and EPP through the EPO solution."
"What I like the most is the ability to manage centrally, to manage the various devices, the platform, and the endpoint, all from one console."
"We implemented data transfer protection, which allows transfer in one direction only. Users can copy from the PC to the USB but not from the USB to the PC. That way, if someone is carrying a virus on a USB, it will not be transferred to the PC."
"The central manager policy means we have almost all client modules in one solution."
"The most valuable features are simplicity and ease of integration."
"The most valuable feature is its capability to automate responses and collect information for any security event before you even delve into the details. It's a vast product with an active roadmap, so I'm satisfied with it for now. It's very efficient at data collection and correlation."
"Many different playbooks are available and can be customized."
"I am satisfied with the product overall."
"The most valuable features are the orchestration because of the way in which it coordinates the loss from all the devices and it provides us with a high-level overview of the critical log information."
"I have no complaints about Cortex's stability."
"It is a scalable solution."
"I would rate the stability of Cortex XSOAR as nine out of ten."
 

Cons

"The installation process is quite difficult and requires technical support."
"The Virtual Patching feature needs to be improved."
"There are some issues we are having with updating our Windows server. So we need to contact support or access our support portal."
"The detection aspect should be improved so that signatures are updated more quickly."
"They have to do something to make the solution more resilient or recoverable from power failure events, which may include creating their own database."
"We would like to see more integration with different platforms and extend this to other platforms. We are migrating to the cloud and want to extend it from our on-premises setup to the cloud."
"The rollout to cover the online resources, such as SharePoint, One Drive, and Office 365 doesn't seem to have a very clear path."
"The issues with the integration capabilities of the product, specifically the ones that are deployed on an on-premises model, need to be improved."
"There is room for improvement in support. The response time could be faster."
"When Palo Alto bought the solution, the pricing increased by 1.5 times. There's been a 50% increase, which is a lot."
"The price of the solution could be lower."
"Palo Alto Networks Cortex XSOAR lacks to offer SIEM functionalities currently."
"We need a little hands-on experience to install the solution."
"The product can be tailored for each deployment to respond to specific customer needs, and this complexity may be seen as a downside."
"They should provide integration with machine learning platforms."
"The dashboard could be better."
 

Pricing and Cost Advice

"It is attractively priced. It is a fraction of what we're going to pay for CrowdStrike or SentinelOne, but it only has a fraction of the capabilities as well."
"Compared to other Antivirus products, the cost of this solution is a bit high."
"McAfee ePolicy Orchestrator is a cheaply priced product, meaning it is not expensive since McAfee provides a free version of ePO, which includes phone support as well."
"There is a license required to use this solution. If we use the additional components, such as DLP encryption, there is an additional cost. However, it is similar to a separate product altogether. If you want to use that or not, it is optional, but when you use it, it will cost you additional pricing."
"McAfee tries to package different things into different products, then sell them as different products with different licenses. They just split everything up into multiple things. That's just their sales pitch and how they do it."
"It's an expensive solution"
"On a scale from one to ten, where one is cheap, and ten is expensive, I rate the solution's pricing a three out of ten."
"McAfee ePolicy Orchestrator is not an expensive solution."
"The pricing is fair. The pricing reflects the value and feature set it offers."
"There is a yearly license required for this solution and it is expensive."
"The price of Palo Alto Networks Cortex XSOAR is comparable to other solutions in the market."
"There is a perception that it is priced very high compared to other solutions."
"On a scale of one to ten, where one is a low price, and ten is a high price, I rate the pricing a nine."
"The solution's pricing needs improvement."
"The solution's cost is high."
"The solution's cost is reasonable."
report
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
861,524 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
13%
Government
10%
Manufacturing Company
9%
Computer Software Company
9%
Financial Services Firm
15%
Computer Software Company
12%
Manufacturing Company
9%
Government
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Which is better - Mcafee's MVision ePO or ePolicy Orchestrator?
Our organization ran comparison tests to determine whether Mcafee's MVision ePO or ePolicy Orchestrator network security software was the better fit for us. We decided to go with Mcafee's ePolicy O...
What do you like most about McAfee MVISION ePO?
McAfee ePolicy Orchestrator's performance is good.
What is your experience regarding pricing and costs for Palo Alto Networks Cortex XSOAR?
Even though customers often comment on the price, the potential savings come from managing a large number of security events with a limited number of analysts. This leads to economic advantages des...
What needs improvement with Palo Alto Networks Cortex XSOAR?
For Palo Alto Networks Cortex XSOAR, there is always room for improvement. One of the significant issues we encounter is system slowdown when we receive an influx of alerts, which inhibits how quic...
 

Also Known As

McAfee ePO, ePolicy Orchestrator, Intel Security ePolicy Orchestrator, McAfee MVISION ePO
Demisto Enterprise, Cortex XSOAR, Demisto
 

Overview

 

Sample Customers

Brelje & Race, Cognizant, Sutherland Global Services, Eagle Rock Energy, Arab National Bank, Bank Central Asia, Kleberg Bank, Leading Mexican Bank, SF Police Credit Union, Macquarie Telecom, Seagate Technology, Blackburn & Darwen Council, California Department of Corrections & Rehabilitation, IRCEP, Major U.S. State Government, State of Alaska, State of Colorado, Cemex, Deutsche Edelstahlwerke
Cellcom Israel, Blue Cross and Blue Shield of Kansas City, esri, Cylance, Flatiron Health, Veeva, ADT Cybersecurity
Find out what your peers are saying about McAfee ePolicy Orchestrator vs. Palo Alto Networks Cortex XSOAR and other solutions. Updated: June 2025.
861,524 professionals have used our research since 2012.