No more typing reviews! Try our Samantha, our new voice AI agent.

Morphisec vs Zscaler Client Connector comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Feb 8, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Morphisec
Ranking in Endpoint Detection and Response (EDR)
61st
Average Rating
9.2
Reviews Sentiment
7.4
Number of Reviews
21
Ranking in other categories
Vulnerability Management (57th), Endpoint Protection Platform (EPP) (48th), Advanced Threat Protection (ATP) (30th), Cloud Workload Protection Platforms (CWPP) (35th), Threat Deception Platforms (15th)
Zscaler Client Connector
Ranking in Endpoint Detection and Response (EDR)
24th
Average Rating
8.8
Reviews Sentiment
5.9
Number of Reviews
6
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Morphisec is 0.9%, up from 0.5% compared to the previous year. The mindshare of Zscaler Client Connector is 0.7%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Zscaler Client Connector0.7%
Morphisec0.9%
Other94.8%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Rick Schibler - PeerSpot reviewer
VP of Information Technology at Kentucky Trailer
Offers in-memory protection at a lower price than competitors
Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it. Morphisec's Moving Target Defense is critical to hardening our attack surface. If it detects something, it indicates whether it's valid. That means you've got a breach requiring investigation. It detects anomalies but doesn't necessarily point to what caused them. You still need to do that work. The solution is reasonably easy to administer. They made some changes last year, adding a cloud-based monitoring solution that makes deploying and monitoring our endpoints easy.
DA
IT Support Admin at Kuehne & Nagel Inc.
Client activity has been monitored efficiently through in-depth log analysis and traffic filtering
I use the Zscaler speed test, and it is very nice. We use some logs from Zscaler Client Connector to collect data and see what is happening, such as if there is an interruption or something. There is a specific tunnel version that we have to use because, depending on the internet provider, some of them have lower speed, so we have some issues. This is because of the provider, not from Zscaler. We use Office 365 services and Office applications, and because some connections are slow and they do not have full coverage from the internet provider, we have some issues. If the speed is slow for Zscaler Client Connector connection, then we have issues because if the speed is not good, then Zscaler Client Connector goes down. This may be because they put some policy. Of course, if you use Office 365 services such as Outlook, the minimum bandwidth is 5 megabits and more, so this causes issues if the users do not have a good remote connection. This depends on the companies and the users, so they need to fix it. This is not from us or our company. It is very useful, and the logs are very helpful. When we go to logs, we understand what is happening.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Cortex XDR by Palo Alto Networks is specifically designed to prevent zero-day attacks and is part of an ecosystem of Palo Alto, providing customers with a long-term vision to modify and redesign how security is applied in their company."
"Traps pays for itself within the first 16 months of a three-year subscription."
"It detected stuff that other things wouldn't detect."
"On a scale from one to ten, I would rate Cortex XDR by Palo Alto Networks a nine."
"Cortex XDR lets us manage several clients from the same console, and its endpoint defense is more advanced than traditional antivirus."
"One of the main benefits of the solution is its intelligence to correlate the events into an incident."
"The initial setup is easy."
"We switched because there were a lot of added features with Palo Alto that Check Point didn't have, and it was an upgrade for us."
"The ability to stop attacks without having to detect or have a signature for the attack is the most valuable feature."
"Morphisec has absolutely helped save money on our security stack. The ransomware at the end of the day can cost organizations millions upon millions of dollars. Investing in tools like Morphisec is a great reduction in that cost. If I can spend $10,000 in a year to protect assets that could be ransomed for $20,000,000, that's definitely a bet that one should pursue. Morphisec absolutely it's worth the investment."
"Morphisec stops attacks without needing to know what type of threat it is, just that it is foreign. It is based on injections, so it would know when a software launches. If a software launches and something else also launches, then it would count that as anomalous and block it. Because the software looks at the code, and if it executes something else that is not related, then Morphisec would block it. That is how it works."
"Morphisec is quite an important tool for us in terms of security and InfoSec because of the malware protection."
"Morphisec's in-memory protection is probably the most valuable feature because it stops malicious activity from occurring. If something tries to install or act as a sleeper agent, Morphisec will detect and stop it."
"Morphisec makes it very easy for IT teams of any size to prevent breaches of critical systems because of the design of their tool."
"Morphisec Guard enables us to see at a glance whether our users have device control and disk encryption enabled properly. This is important because we are a global company operating with multiple entities. Previously, we didn't have that visibility. Now, we have visibility so we can pinpoint some locations where there are machines that are not really protected, offline, etc. It gives us visibility, which is good."
"Morphisec also provides full visibility into security events for Microsoft Defender and Morphisec in one dashboard... in the single pane of glass provided by Morphisec, it's all right there at your fingertips: easy to access and easy to understand. And if you choose to go down further to know everything from the process to the hash behind it, you can."
"The real-time analytics feature in Zscaler Client Connector is another valuable feature called Digital Experience, or ZDX, which can easily identify the root cause of issues accessing public or internal resources and provide good analysis so relevant teams can quickly resolve them, making it a very good tool that helps customers."
"Zscaler Client Connector has eliminated VPN bottlenecks and outages, improved user productivity with instant secure access, and reduced help desk tickets related to VPN issues, overcoming 60% of VPN-related problems while allowing faster onboarding of remote users and better enforcement of zero-trust security policies."
"It is very important to see what is happening between the user and the applications that we have, and to filter the traffic from outbound traffic and inside traffic."
"Zscaler Client Connector is quite scalable, and I would rate its scalability as nine or ten out of ten."
"It is very useful, and the logs are very helpful; when we go to logs, we understand what is happening."
"The solution operates in the background seamlessly without the user noticing."
"I'd rate the solution nine out of ten."
"The best features of Zscaler Client Connector are that it gives the client a much more transparent experience, as they don't have to worry about connecting to a VPN."
 

Cons

"Cortex XDR by Palo Alto Networks is a very good product, but financially, it is very expensive, so the company should look into that area."
"Currently, we are monitoring all USB drives and ports but we would like to improve our device control capabilities."
"There is also no recovery feature; if some endpoint is under attack there must be the possibility of recovering it or restoring it to a normal state."
"The playbooks could be improved to include more functionalities or actions."
"It's more focused on network communication. If a customer wants to increase the level of protection and start working with documents, it's impossible to integrate these features into the system. It's more of a communication-oriented system than a content security-oriented system."
"I would like to see improvement in the tool's user interface, particularly in the area of managing alerts and providing more reporting capabilities."
"A potential area of improvement for Cortex XDR by Palo Alto Networks is the cost."
"The product's pricing could be better."
"Those are some of the features that I was looking for on my on-prem platform that they've already instituted in the cloud and that I'm sure will be instituting on their on-prem platform as well. Having to have an on-prem server required a lot of administration. Being able to push that to the cloud and have it managed up there for us is a real nice addition."
"We wanted to have multi-tenants in their cloud platform, so every entity can look into their own systems and not see other systems in other entities. I have a beta version on that now. I would like them to incorporate that in the cloud solution."
"Sometimes it generates false positive alerts. They need to continue working on that. They have provided solutions for it and have fixed issues with updated versions. The service is quite good but they need to work on it more so that there are no false positive alerts."
"Having to have an on-prem server required a lot of administration."
"We have only had four attacks in the last year, "attacks" being some benign PDF from a vendor that, for some reason, were triggered. There were no actual attacks. They were just four false positives, or something lowly like adware. There have been false positives with both the on-premises solution and the cloud solution."
"The only problem is that their support lives in Israel, so the time zones are a bit off, but I've never had any complaint beyond that."
"From a company standpoint, a little more interaction with the customers throughout the year might be beneficial. I would like check-ins from the Morphisec account executives about any type of Morphisec news as well as a bit more interaction with customers throughout the year to know if anything new is coming out with Morphisec, e.g., what they are working on in regards to their development roadmap. We tend not to get that up until the time that we go for a yearly renewal. So, we end up talking to people from Morphisec once a year, but it is usually at renewal time."
"The only area that really needs improvement is the reporting functionality. Gathering the detailed information that is in the system for an executive, or for me as a director, could be better. Some of the interface and reporting aspects are a little bit dated. They're working on it."
"Zscaler Client Connector is not low in cost; it is definitely on the higher side."
"I rate this product nine out of ten because I have seen some minor instability issues after updates and some room for UI improvement for deeper analytics, with instances of major issues after updating the GCC that required rollbacks."
"There is room for improvement regarding the price of Zscaler Client Connector, as it is one of the most expensive solutions available."
"If the speed is slow for Zscaler Client Connector connection, then we have issues because if the speed is not good, then Zscaler Client Connector goes down."
"There is a hard learning curve for Zscaler Client Connector; their support isn't the greatest all the time."
"The stability of Zscaler Client Connector needs improvement, as it often disconnects and reconnects."
 

Pricing and Cost Advice

"It has reasonable pricing for the use cases it provides to the company."
"Its pricing is kind of in line with its competitors and everybody else out there."
"The pricing is a little high. It is per user per year."
"Compared to CrowdStrike, Cortex XDR is an expensive solution."
"The solution is expensive. It's pricing is on a yearly-basis."
"It has a yearly renewal."
"Our license will require renewal in August, after which the maintenance will continue as usual."
"The price was fine."
"Price-wise, it's on the higher side. A traditional antivirus solution is cheaper, but in terms of security and manageability, its ROI is better than a traditional antivirus. I would recommend it to anybody evaluating or considering an antivirus solution. If your system gets compromised, the cost of ransom would be a lot more. This way, it saves a lot of cost."
"We are still using a separate tool. I know for our 600 or I think we're actually licensed for up to 700 users, it runs me 23 or $24,000 a year. When you're talking to that many users plus servers being protected, that's well worth the investment for that dollar amount."
"Licenses are per endpoint, and that's true for the cloud version as well. The only difference is that there is a little extra charge for the cloud version."
"It is a little bit more expensive than other security products that we use, but it does provide us good protection. So, it is a trade-off."
"It does not have multi-tenants. If South Africa wants to show only the machines that they have, they need their own cloud incidence. It is not possible to have that in a single cloud incidence with multiple tenants in it, instead you need to have multiple cloud incidences. Then, if you have that, it will be more expensive. However, they are going to change that, which is good."
"It is priced correctly for what it does. They end up doing a good deal of discounting, but I think it is priced appropriately."
"Our licensing is tied into our contract. Because we have a long-term contract, our pricing is a little bit lower. It is per year, so we don't get charged per endpoint, but we do have a cap. Our cap is 80 endpoints. If we were to go over 80, when we renewed our contract, which is not until three years are over. Then, they would reevaluate, and say, "Well, you have more than 80 devices active right now. This is going to be the price change." They know that we are installing and replacing computers, so the numbers will be all over the place depending on whether you archive or don't archive, which is the reason why we just have to keep up on that stuff."
"Compared to their competitors, the price of Morphisec is not that high. You can easily deploy it on a large-scale or small-scale network."
Information not available
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Outsourcing Company
16%
Manufacturing Company
12%
Construction Company
11%
Financial Services Firm
10%
Manufacturing Company
21%
Financial Services Firm
10%
Government
9%
Comms Service Provider
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business5
Midsize Enterprise8
Large Enterprise8
By reviewers
Company SizeCount
Small Business3
Large Enterprise5
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
Ask a question
Earn 20 points
What is your experience regarding pricing and costs for Zscaler Client Connector?
My experience with pricing, setup cost, and licensing is that the pricing is fair, though it is a bit costly. It oper...
What needs improvement with Zscaler Client Connector?
For Zscaler Client Connector, I would appreciate more granular control over the client update rollout and slightly fa...
What is your primary use case for Zscaler Client Connector?
My main use case of Zscaler Client Connector is to provide secure, seamless access to the internet and internal appli...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Morphisec, Morphisec Moving Target Defense
No data available
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
Lenovo/Motorola, TruGreen, Covenant Health, Citizens Medical Center
Information Not Available
Find out what your peers are saying about Morphisec vs. Zscaler Client Connector and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.