No more typing reviews! Try our Samantha, our new voice AI agent.

Netsurion vs Secureworks Taegis XDR comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Oct 8, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Extended Detection and Response (XDR)
4th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Endpoint Detection and Response (EDR) (6th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Netsurion
Ranking in Extended Detection and Response (XDR)
44th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
24
Ranking in other categories
Managed Security Services Providers (MSSP) (22nd), Security Information and Event Management (SIEM) (49th), SOC as a Service (11th), Managed Detection and Response (MDR) (32nd)
Secureworks Taegis XDR
Ranking in Extended Detection and Response (XDR)
18th
Average Rating
8.2
Reviews Sentiment
6.4
Number of Reviews
6
Ranking in other categories
Network Detection and Response (NDR) (14th)
 

Mindshare comparison

As of July 2026, in the Extended Detection and Response (XDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 4.6%, down from 5.1% compared to the previous year. The mindshare of Netsurion is 0.9%, up from 0.2% compared to the previous year. The mindshare of Secureworks Taegis XDR is 1.3%, up from 1.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks4.6%
Secureworks Taegis XDR1.3%
Netsurion0.9%
Other93.2%
Extended Detection and Response (XDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
John-Berry - PeerSpot reviewer
Information Technology Manager at ProfitSolv
The SOC center monitors, hunts, and notifies us of threats around the clock
I know they are working to resolve this issue, but Netsurion is currently unable to retrieve logs from S3 buckets. We use WP Engine for a lot of web hosting as well as AWS, and both of these platforms use S3 buckets. I would like Netsurion to be able to pull logs from Linux devices. We have some of that capability, and I believe they can do it. However, the way it works with Amazon is strange and glitchy. Therefore, working something out with Amazon would be great. Netsurion's SOC can be a bit too aggressive at times. We have asked them to adjust their playbook because I am tired of being notified about the same issue multiple times a day. I am aware of the issue, and it is not a cause for concern. Let's only take action on this issue if we see an actual problem.
Mohammad Talha Talkin Alam - PeerSpot reviewer
Assistant Manager IT at PDS Multinational
Improved network protection has secured our servers and monitors web and application traffic
Till now, I have not seen any weak point that needs to be improved in Secureworks Taegis XDR. I think that since the technology is becoming upgraded, it will be good for Sophos to include more features in future updates of this solution. Secureworks Taegis XDR is a good product, but it should include AI technology.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features are incident creation, policy-based protection, IP whitelisting, and device encryption. These are beneficial for endpoint and server security."
"The stability of the solution is very good. We have about 100 users on it right now, and we use it twice a week."
"Cortex is the best tool for endpoint detection, and I have used it to verify hashes or domains to identify malicious activity, trigger playbooks that automate and gather endpoint logs, block malicious processes, and update incident tickets, showcasing end-to-end processes with automation in investigation and reducing the analysis workflow."
"I like that the product has behavior-based detection which offers many benefits over signature-based detection."
"Its ability to react to cyber data attacks is awesome."
"But overall, when we speak about security and protection, they are one of the top providers."
"In one single alert, we are getting the network telemetry, endpoint telemetry, email security telemetry, and proxy telemetry all in one single ticket, making it very easy."
"The anti-exploit is impenetrable. We chose Traps because it is the only product that we were not able to get anything past."
"Netsurion was easy to deploy. I have worked with other systems that were a little less complex, but they weren't quite as easy to deploy."
"EventTracker is exactly that; it's giving me all of the features and functions that we need to do our jobs, and at a price point that's incredibly attractive."
"I like the UI, overall. I like the main page and there are aspects of the search page that I like. When you bring it up on the left-hand side of the page, as you look at the events, the ability to simply hit and click the plus/minus to pull events in and out of the overall view is well done and is very effective from a threat-hunting and an analysis perspective. I like the detail it shows."
"Netsurion has its own security operations center, where it tracks information that comes across our telemetry."
"I think Netsurion scales well. We've gone from a small number of agents up to thousands. So I would imagine that it would continue to scale. I don't see any issue with that."
"Overall, we're really thrilled with them."
"The product satisfies our compliance, and thus, all of our auditors. All of the data that we use and store for all security events is required by our auditors to be kept in a central storage location."
"There are a host of things that are most valuable. Obviously monitoring our environment and reporting out different events is important. They perform a suite of services. They monitor all of our servers, all of our key infrastructure, like our DNS, our switches, all that stuff. They aggregate and correlate that quarterly. They'll tell us if we're getting a lot of login failures and something is going on or if something's weird."
"The initial setup was straightforward."
"It's a complete solution package."
"The auto-triage feature of Secureworks Taegis XDR makes my workflow easier and efficient, helping me shorten the time of responding to every alert, make my activities productive, and manage everything that I need to check every alert and detection."
"Definitely, Secureworks Taegis XDR is cost effective for the long run since the product is at a lower cost rather than other brands."
"The features I find most valuable are the fact that Secureworks Taegis XDR runs itself without any form of intervention."
"Secureworks Taegis XDR has positively impacted our organization by improving detection rates and reducing our time; as I mentioned, it saves us from manually going through all the logs, which is not practical."
 

Cons

"To jump from the partner to Palo Alto directly was challenging."
"The price could be a little lower."
"Cortex XDR could improve its sales support team, including better commission structures and referral programs."
"We have found that there are times Cortex XDR by Palo Alto Networks does not detect some of the viruses, we have to use another protection solution called Kaspersky."
"I would like to see improvement in the tool's user interface, particularly in the area of managing alerts and providing more reporting capabilities."
"The product's pricing needs improvement. They could provide more discounts. Additionally, the dashboard and control panel could be enhanced."
"Whenever the tool releases a new version when deploying the product across the organization, I feel like there are some disturbances in the CPU usage after upgrading the tool to the latest version."
"It would be good to have a better way to search for a file within the UI."
"With version 8, there are quite a few things; the query tool was one of the big ones, and the query speed was one of the big ones, but they've made some great strides between versions 8 and 9."
"The agents on the endpoints seem to fail quite a bit, requiring manual involvement from the local administrators. I would like to see their product be much more ad hoc and update automatically."
"The threat detection and response is passive. We have asked if there were options for taking action, and we have not gotten any feedback on that, which would be useful to know. Depending on the situation and threat, some actions may not be possible, but we haven't gotten any feedback on what options could be directed and actionable with the understanding that it may have an extra cost. It would be nice to know or find out if it is actually possible to take actions by a SIEM service or a SIEM agent."
"Communication is always something that can be improved, but I feel that any time we've had a communication issue, it's quickly addressed when we bring those up at the monthly meetings. Usually, it's an individual that wasn't clear in the communication, it's not the process per se. You always have to be able to segregate if the process didn't work or an individual either didn't say the right thing or my people didn't understand what they were being told."
"Netsurion's SOC can be a bit too aggressive at times."
"With version 8, there are quite a few things. The query tool was one of the big ones, and the query speed was one of the big ones, but they've made some great strides between versions 8 and 9. There were also issues in version 8 around the ability to get the data back out. It's one thing to collect data, but it's a whole other thing to be able to present it or run it in a timely manner. The old tool, depending on how far back I was looking, might even time out and I would have to run it again."
"There's always room to improve because there would be no competition if they had a perfect solution. The GUI to perform searches within the product may not be intuitive to a new user."
"I would like to see the dashboard come up more quickly."
"The pricing could be improved."
"The efficiency or the smooth navigation of the website or the application can be improved in Secureworks Taegis XDR."
"Customer support for Secureworks Taegis XDR is not that bad; they are reachable but not super efficient."
"We found limitations in the XDR's detections, lacking the ability to create customized detection and log parsing rules."
"Secureworks Taegis XDR is a good product, but it should include AI technology."
 

Pricing and Cost Advice

"It has reasonable pricing for the use cases it provides to the company."
"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"The pricing is okay, although direct support can be expensive."
"Cortex XDR's pricing is ok."
"I don't have any issues with the pricing. We are satisfied with the price."
"It is "expensive" and flexible."
"Cortex XDR by Palo Alto Networks is quite an expensive solution."
"We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."
"Netsurion's pricing is competitive. At the same time, they're the only ones who do what we want to do the way we want it. I can't say we would've paid more, but we would've had to have come up with our own solution if they weren't providing that."
"The solution is fairly expensive, but in my experience, all of the SIEM applications that I've evaluated or looked at cost about the same."
"Our pricing for Netsurion last year was US $52,000 per year."
"Our budget follows the calendar year. We just started a new budget year at the beginning of the month. We did budget for an increase in our threat management system selection. Therefore, we have the budget to implement and accommodate a threat management system change, including an increase for the quoted actions that we received to improve EventTracker. We are just waiting on our council to approve that budget, which might not be for a little while. Hopefully, when they do, we will be able to jump on doing something."
"We put together the package of what we needed. It was based pretty much on the number of agents that we were deploying. If we needed to manage logging from certain specific applications, like Active Directory and SQL Server, there has been no additional cost for that. We had agents deployed for those specific servers and the applications were included, then there was just an additional installation that they had to do for us."
"You are paying for different levels, especially as far as the monitoring goes and how often you review it with the team. The other factor that figures in is how many nodes are on your network, such as clients, network equipment, servers, etc. There are some additional pieces on top of that, but it's laid out pretty simply, as far as how much you're going to pay for a node."
"EventTracker's subscription-based model is interesting as far as yearly license type stuff. It's nice because you know what it's going to be next year. We haven't really looked at any other solutions. The pricing at the time compared to the other solutions was a lot less. A couple of years ago, we actually looked at Splunk. The amount in Splunk's licensing model is based on 20 gigs a day, or something like that. Based on our number of logs and stuff that we were already generating, the costs would be substantially more for the amount of logs that we would be getting."
"The upfront costs have increased, and we have been locked into this contract. The cost of changing over from it is way too high."
"The pricing is six out of ten."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Construction Company
11%
Outsourcing Company
10%
Performing Arts
10%
Manufacturing Company
9%
Financial Services Firm
15%
Manufacturing Company
12%
Computer Software Company
9%
Educational Organization
6%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise7
Large Enterprise7
By reviewers
Company SizeCount
Small Business1
Midsize Enterprise1
Large Enterprise5
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
Ask a question
Earn 20 points
What needs improvement with Secureworks Taegis XDR?
I suggest that we can check also the data sources of every data collector so that we can be informed of what data sou...
What is your primary use case for Secureworks Taegis XDR?
The main use for Secureworks Taegis XDR is to triage alerts from low to critical alerts and analyze and investigate d...
What advice do you have for others considering Secureworks Taegis XDR?
Secureworks Taegis XDR has been dependable for me regarding its AI capabilities in terms of accuracy and reliability ...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Netsurion Managed Threat Protection, Netsurion EventTracker
Secureworks Taegis NDR
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores
Information Not Available
Find out what your peers are saying about Netsurion vs. Secureworks Taegis XDR and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.