No more typing reviews! Try our Samantha, our new voice AI agent.

Morphisec vs SonicWall Capture Client comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Sep 9, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Protection Platform (EPP)
4th
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Morphisec
Ranking in Endpoint Protection Platform (EPP)
48th
Ranking in Endpoint Detection and Response (EDR)
61st
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
21
Ranking in other categories
Vulnerability Management (57th), Advanced Threat Protection (ATP) (30th), Cloud Workload Protection Platforms (CWPP) (35th), Threat Deception Platforms (15th)
SonicWall Capture Client
Ranking in Endpoint Protection Platform (EPP)
41st
Ranking in Endpoint Detection and Response (EDR)
46th
Average Rating
8.0
Reviews Sentiment
6.5
Number of Reviews
11
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.8%, up from 3.7% compared to the previous year. The mindshare of Morphisec is 1.0%, up from 0.4% compared to the previous year. The mindshare of SonicWall Capture Client is 0.9%, up from 0.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.8%
SonicWall Capture Client0.9%
Morphisec1.0%
Other94.3%
Endpoint Protection Platform (EPP)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Rick Schibler - PeerSpot reviewer
VP of Information Technology at Kentucky Trailer
Offers in-memory protection at a lower price than competitors
Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it. Morphisec's Moving Target Defense is critical to hardening our attack surface. If it detects something, it indicates whether it's valid. That means you've got a breach requiring investigation. It detects anomalies but doesn't necessarily point to what caused them. You still need to do that work. The solution is reasonably easy to administer. They made some changes last year, adding a cloud-based monitoring solution that makes deploying and monitoring our endpoints easy.
HT
Product Manager at wahana piranti teknologi
Has consistently delivered double-layer protection and simplified policy application while needing mobile compatibility and better MacOS support
A significant limitation is that SonicWall Capture Client cannot be installed on smartphones, as there is no mobile version available.Occasionally, the Sentinel engine becomes unresponsive, particularly when customers do not properly restart or shutdown their systems. This requires a hard restart after installation to resolve the issue. Installation on Mac OS can be challenging, requiring multiple attempts due to version compatibility requirements. We must ensure the SonicWall Capture Client version is stable for Mac OS. The RAM usage is higher compared to SentinelOne, utilizing approximately 150 megabytes of memory. This is a common concern from customers, and reducing RAM consumption would be beneficial.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The product's initial setup phase is very easy."
"We can use Cortex XDR to get the entire graph of the incidents from source to destination, and we can take remedial action."
"Cortex XDR by Palo Alto Networks should be a stable solution."
"This software helps us understand any issues that may arise when someone is not at work."
"Palo Alto is the best security solution in the market."
"The scalability of Cortex XDR by Palo Alto Networks is very good."
"On a scale from one to ten, I would rate Cortex XDR by Palo Alto Networks a nine."
"The main benefit of using Cortex XDR by Palo Alto Networks while employing Palo Alto Firewall at the internet edge is that it improves security on our endpoint devices, integrating seamlessly with Palo Alto Firewalls to deliver comprehensive network, analyst, and security details all in a single dashboard, which allows us to manage everything from our network devices."
"We have seen it successfully block attacks that a traditional antivirus did not pick up."
"All the alerts are on the dashboard, which is quite simple and useful for us. You can easily check all the alerts that are being blocked or allowed, or whatever the action is. You can easily see that and you can take the necessary actions. You can add a PowerShell extension or any activities for blocking at your network level or for endpoints."
"Morphisec has absolutely helped save money on our security stack. The ransomware at the end of the day can cost organizations millions upon millions of dollars. Investing in tools like Morphisec is a great reduction in that cost. If I can spend $10,000 in a year to protect assets that could be ransomed for $20,000,000, that's definitely a bet that one should pursue. Morphisec absolutely it's worth the investment."
"Morphisec as the last line of defense is as good as you can get."
"It also provides full visibility into security events from Microsoft Defender and Morphisec in one dashboard. We've always had that capability with Morphisec. The more recent version appears to do that even a little bit more natively and it's given us visibility that we didn't have otherwise."
"In a month, we are saving the effort of four to five days, and earlier we used to have a dedicated person and now we don't need a dedicated resource, which has reduced our security spending and we are saving approximately $600 a month."
"I really like the integration with Microsoft Defender. In addition to having third-party endpoint protection, we're also enabling Defender... I like the reporting that we get from Defender, when it comes in. I like that it's one console showing both Morphisec and Defender where it provides me with full visibility into security events from Defender and Morphisec."
"Morphisec makes it very easy for IT teams of any size to prevent breaches of critical systems because of the design of their tool. When we evaluated Morphisec, the CIO and I sat and listened. What attracted us to them is the fact that it stops activity at the point of detection. That saves a lot of time because now we are not investigating and trying to trace down what to turn off. We have already prevented it, which makes it very much safer and more secure."
"SonicWall Capture Client is the best endpoint security product I've ever used."
"The initial setup is straightforward."
"SonicWall Capture Client has a serial number to connect to your firewall."
"SonicWall Capture Client offers a cost-effective solution that's cheaper compared to other vendors like CrowdStrike."
"The solution has this very useful rollback feature, in which even if the system is infected by the worst malware or ransomware or anything, your data won't be lost."
"The product’s interface is easy to use."
"SonicWall Capture Client provides dual protection through two multi-engines: SonicWall Capture Client sandboxing and SentinelOne agent, with features like content blocking, real-time 24/7 protection without signature updates, and advanced machine learning that eliminates concerns about manual updates, making it more protective and easier to deploy."
"Overall, what I love the most about SonicWall Capture Client is its management console. SonicWall Capture Client also has the intelligence to tell you which computer is online, what OS it uses, etc. I also found the rollback feature and SentinelOne integration valuable in SonicWall Capture Client. Rollback is a powerful feature of the solution because it's similar to locking your endpoint during an attack, so you won't have to pay the hackers, particularly during ransomware attacks. That feature in SonicWall Capture Client allows you to get back your endpoint or make your endpoint right again after an attack. I also like that it isn't complex to remove the engine error from the endpoint because you only have to provide the security key from SonicWall Capture Client, so the process is simple. It's not complex."
 

Cons

"The solution can never really be an on-premises solution based simply on the way it is set up. It needs metadata to run and improve. Having an on-premises solution would cut it off from making improvements."
"Cortex XDR by Palo Alto Networks can improve mobile integration to allow access to the console."
"The configuration could be simplified. I would like to see better protection, specifically to protect email applications."
"Based on our experience so far, its implementation is quite complex."
"It is not easy to sell Cortex XDR, not because it isn't a good tool. Its marketing needs to be improved."
"The GUI could be improved. It's a little bit cumbersome. It could be more user-friendly."
"It's very time-consuming to log support issues and the people that answer the tickets aren't very knowledgeable."
"The server sometimes stops continuously to check things so it would be helpful to receive access updates or technical reasons."
"Overall, I don't know 100% if it's increasing our security posture, but it does give us a nice peace of mind."
"It would be nice if they could integrate Morphisec with other traditional antivirus solutions beyond Microsoft Defender. That is probably my biggest gripe."
"Having to have an on-prem server required a lot of administration."
"We started in the Linux platform and we deployed to Linux. The licensing of that has been kind of confusing between Linux licensing and Windows licensing. The overall simplicity of licensing or offering an enterprise license to just cover everything and then we don't have to count needs improvement."
"Morphisec is a venture startup. They are still early in their growth stage. They need to get mature on their customer support and on how they interface with system tools."
"At this time, it is able to recognize vulnerabilities and reporting them to us, but it's not actually resolving them."
"It would be useful for them if they had some kind of network discovery. That kind of functionality I think would give IT administrators a little bit more confidence that they have 100 percent coverage, and it gives them something to audit against. Network discovery would be one area I would definitely suggest that they put some effort into."
"Sometimes it generates false positive alerts. They need to continue working on that. They have provided solutions for it and have fixed issues with updated versions. The service is quite good but they need to work on it more so that there are no false positive alerts."
"We weren't very happy with the product itself and therefore don't know if it is worth it to spend the money we have on it."
"SonicWall Capture Client should use less of our PC's memory, as it tends to slow down the performance."
"They should improve their user interface."
"The biggest issue with SonicWall Capture Client is network latency."
"Occasionally, the Sentinel engine becomes unresponsive, particularly when customers do not properly restart or shutdown their systems."
"Technical support from SonicWall has room for improvement. While their escalation process is understandable, it can be time-consuming as all logs need to be provided multiple times across different service levels."
"SonicWall Capture Client could be made a little lighter than it currently is in terms of memory consumption."
"The vulnerability reports need to be better. Windows Defender detected some issues that SonicWall Capture Client couldn't."
 

Pricing and Cost Advice

"I don't have any issues with the pricing. We are satisfied with the price."
"The solution is expensive. It's pricing is on a yearly-basis."
"Cortex XDR by Palo Alto Networks is quite an expensive solution."
"The cost depends on your chosen license type, like Pro or other licenses."
"It is "expensive" and flexible."
"It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable."
"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"Cortex XDR's pricing is ok."
"It is an annual subscription basis per device. For the devices that we have in scope right now, it is about $25,000 a year."
"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."
"Morphisec is reasonably priced because our parent company's other subsidiaries use different products like CrowdStrike. CrowdStrike is four or five times more expensive than Morphisec. The competitive pricing saves us money in our overall security stack."
"The pricing is definitely fair for what it does."
"Licenses are per endpoint, and that's true for the cloud version as well. The only difference is that there is a little extra charge for the cloud version."
"Price-wise, it's on the higher side. A traditional antivirus solution is cheaper, but in terms of security and manageability, its ROI is better than a traditional antivirus. I would recommend it to anybody evaluating or considering an antivirus solution. If your system gets compromised, the cost of ransom would be a lot more. This way, it saves a lot of cost."
"It is priced correctly for what it does. They end up doing a good deal of discounting, but I think it is priced appropriately."
"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."
"Here in Indonesia, SonicWall Capture Client costs five hundred thousand rupiahs for every endpoint. If I'm correct, you only have to pay the licensing fee, and there's no additional fee. To me, the pricing for SonicWall Capture Client is four out of five."
"The product is very expensive."
"You have to pay for the solution, and a lot of customers do not want to pay."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Outsourcing Company
16%
Manufacturing Company
12%
Construction Company
11%
Financial Services Firm
10%
Comms Service Provider
11%
Computer Software Company
8%
Government
8%
Manufacturing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise8
Large Enterprise8
By reviewers
Company SizeCount
Small Business11
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
Ask a question
Earn 20 points
What is your experience regarding pricing and costs for SonicWall Capture Client?
SonicWall Capture Client offers a cost-effective solution that's cheaper compared to other vendors like CrowdStrike.
What needs improvement with SonicWall Capture Client?
A significant limitation is that SonicWall Capture Client cannot be installed on smartphones, as there is no mobile v...
What is your primary use case for SonicWall Capture Client?
The solution is used primarily in hospitality, specifically hotels, and manufacturing sectors. Approximately 70% of u...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Morphisec, Morphisec Moving Target Defense
No data available
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
Luton College
Find out what your peers are saying about Morphisec vs. SonicWall Capture Client and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.