No more typing reviews! Try our Samantha, our new voice AI agent.

Netsurion vs Stellar Cyber Open XDR comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Extended Detection and Response (XDR)
4th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Endpoint Detection and Response (EDR) (6th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Netsurion
Ranking in Extended Detection and Response (XDR)
44th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
24
Ranking in other categories
Managed Security Services Providers (MSSP) (22nd), Security Information and Event Management (SIEM) (49th), SOC as a Service (11th), Managed Detection and Response (MDR) (32nd)
Stellar Cyber Open XDR
Ranking in Extended Detection and Response (XDR)
40th
Average Rating
0.0
Reviews Sentiment
7.0
Number of Reviews
2
Ranking in other categories
Security Information and Event Management (SIEM) (44th), User Entity Behavior Analytics (UEBA) (28th), Endpoint Detection and Response (EDR) (58th), Network Traffic Analysis (NTA) (16th), Security Orchestration Automation and Response (SOAR) (24th), Network Detection and Response (NDR) (20th), Identity Threat Detection and Response (ITDR) (21st)
 

Mindshare comparison

As of July 2026, in the Extended Detection and Response (XDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 4.6%, down from 5.1% compared to the previous year. The mindshare of Netsurion is 0.9%, up from 0.2% compared to the previous year. The mindshare of Stellar Cyber Open XDR is 2.1%, up from 1.6% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Extended Detection and Response (XDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks4.6%
Stellar Cyber Open XDR2.1%
Netsurion0.9%
Other92.4%
Extended Detection and Response (XDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
John-Berry - PeerSpot reviewer
Information Technology Manager at ProfitSolv
The SOC center monitors, hunts, and notifies us of threats around the clock
I know they are working to resolve this issue, but Netsurion is currently unable to retrieve logs from S3 buckets. We use WP Engine for a lot of web hosting as well as AWS, and both of these platforms use S3 buckets. I would like Netsurion to be able to pull logs from Linux devices. We have some of that capability, and I believe they can do it. However, the way it works with Amazon is strange and glitchy. Therefore, working something out with Amazon would be great. Netsurion's SOC can be a bit too aggressive at times. We have asked them to adjust their playbook because I am tired of being notified about the same issue multiple times a day. I am aware of the issue, and it is not a cause for concern. Let's only take action on this issue if we see an actual problem.
Hrishiraj Bhattacharjee - PeerSpot reviewer
Founder & CEO at Team Karimganj
Correlates incidents, allows for quicker identification and helps prioritize investigations
The only challenge is, and that’s where we come into play, it’s a pretty high-tech platform. So, it’s difficult for small and medium-sized organizations to manage it on their own. It’s a very complex system. It requires a lot of expertise. All my guys who work on it have gone through certification from Stellar itself. There are three different certifications that you need to complete. Only then are you certified by Stellar to work on it. It’s a very complex platform. Not everyone can use it. A simple IT engineer or system admin won’t be able to handle it because it’s quite complex. You need to have an understanding of the industry, the subject, and the tool. So, just purchasing this tool or license and then using it on your own would be very difficult to configure and manage on a day-to-day basis. The pricing model is not suitable for small and medium companies, particularly small companies. The minimum pricing model they have is suitable for companies with more than one thousand users. So, if someone has 50 to 100 users, like typical small companies, it’s difficult for them because the cost involved is high. Stellar would charge you for those thousand users, but you do not need all those users. So what are they going to do? I guess Stellar does not want to target small companies directly and maybe relies on resellers and MSPs like us to sell it. So, that is something I would recommend changing. Otherwise, it’s a great tool, but because of the pricing model, small companies are unable to leverage the advantage of this beautiful tool. So, the pricing model should be suitable for small and medium businesses. The product currently has vulnerability monitoring and everything. But if they could also do something about vulnerability management and maybe patch management, that would be nice.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"If you are looking for security, mainly for advanced threat prevention from ransomware and malware attacks, I would recommend Cortex."
"We've had a significant increase in blocking with a decrease in false positives, because it's looking at how the files work, not just a list of files that it's been told to look for."
"Being a cloud solution it is very flexible in serving internal and external connections and a broad range of devices."
"Traps is quite a stable product. Once it was properly deployed and configured, you have nothing to be worried about."
"Palo Alto Networks Traps improves our security posture and lowers risk by providing next-gen methods to combat against modern threats on all the major platforms."
"Cortex XDR by Palo Alto Networks should be a stable solution."
"Automation and playbooks have helped me significantly, as Cortex Xnor's playbooks predefine the workflow of the automation, such as response processes, alert triggering, and enriching the context, efficiently detecting and blocking malicious attacks with firewalls while eliminating workload and speeding responses for next-generation operations."
"The one feature of Palo Alto Networks Traps that our organization finds most valuable is the App ID service."
"When I looked last week, we probably averaged about 20 million log entries a day. So, we certainly can't individually manage that. Just looking at the reports, then trying to go back and find anything that was questionable, was a challenge. Therefore, the managed service has been invaluable to us in terms of being able to narrow the scope of what really needs to be looked at and bringing those things to our attention to be dealt with."
"We have also integrated our endpoint security into the Netsurion SIEM. That's important because we have all the events in one place; we don't have to manage them in multiple places. In addition, the embedded MITRE ATT&CK Framework was paramount in our decision to choose Managed Threat Protection because the MITRE Framework is the industry standard for threats."
"Netsurion has its own security operations center, where it tracks information that comes across our telemetry."
"With the managed component, we get that personal attention and that consistent team to deal with, and to some extent, it's like they're part of our IT team."
"EventTracker has increased productivity and saved us time, absolutely."
"It's a deny-all policy, so there's an access list on each machine, and it was effortless to tune it for our software because we have four pieces of intellectual property used in-house, and that was super easy to get up and running compared to some of the other solutions I've seen."
"Of all the products and vendors that we've used, I've never had a more positive experience with a support team than with EventTracker's support team."
"Netsurion's security operations center is critical for us because they provide 24/7 monitoring, we've never had another company meet the same need in the past, and it's a valuable tool to have."
"Stellar Cyber Open XDR offers these functionalities at a more affordable price, making it easier for me to position it with price-sensitive customers."
"It can integrate with almost any cybersecurity tool available in the market."
 

Cons

"If you compare it to SentinelOne, which has more functionalities and detection capabilities on an open platform, the pricing on SentinelOne is far more reasonable and cheaper than Cortex XDR by Palo Alto Networks."
"Limited remote connection."
"A better pricing plan would make this product more competitive."
"It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc."
"Cortex XDR by Palo Alto Networks could improve by offering remote management. It would be useful to look at the client's issue to fix it."
"While using Cortex, I noticed some aspects that could be improved, such as increasing the synchronization speed between XDR and Xnor."
"It'll help if customization was easier."
"There are some false positives."
"I would like to see a faster response when we see things like 15,000 lockouts."
"Communication is always something that can be improved, but I feel that any time we've had a communication issue, it's quickly addressed when we bring those up at the monthly meetings. Usually, it's an individual that wasn't clear in the communication, it's not the process per se. You always have to be able to segregate if the process didn't work or an individual either didn't say the right thing or my people didn't understand what they were being told."
"The threat detection and response is passive. We have asked if there were options for taking action, and we have not gotten any feedback on that, which would be useful to know. Depending on the situation and threat, some actions may not be possible, but we haven't gotten any feedback on what options could be directed and actionable with the understanding that it may have an extra cost. It would be nice to know or find out if it is actually possible to take actions by a SIEM service or a SIEM agent."
"Probably the biggest thing is just: Can I search for this and what's the best way to do it? If I'm looking for two events versus a singular event, I just throw it back at them. They're the experts on it."
"The biggest problem is that we have too many domain controllers. So, we have to keep all the clients and main system updated with the latest versions along with making sure all the firewalls are open."
"I'd like to see improvement in the ease of generating reports. It seems fairly cumbersome whenever you decide to start tracking new categories of events. It seems a little kludgy when trying to generate those reports."
"The deployment of the agents could be a bit easier. We always seem to have a bit of a challenge with that. A lot of times the agents either don't deploy or they quit responding, then we have to go and redeploy them."
"Their SOC team can't understand our network because they haven't worked in the actual company. This does negatively affect security posture, e.g., if you don't have knowledge about the network, then you will miss things."
"Support is an issue because they have a limited number of resources."
"I would rate the stability at about five to six. The platform requires some fine-tuning, especially when integrating data sources and creating connectors."
 

Pricing and Cost Advice

"It has a higher cost than other solutions, like CrowdStrike or Microsoft’s EDR tools, but it reduces the cost of our operations because it’s a new generation antivirus tool."
"I don't like that they have different types of licenses."
"I feel it is fairly priced."
"Cortex XDR by Palo Alto Networks is quite an expensive solution."
"It has reasonable pricing for the use cases it provides to the company."
"It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff."
"When we first bought it, it was a bit expensive, but it was worth it. The licensing was straightforward."
"It is "expensive" and flexible."
"Netsurion's pricing is extremely fair and flexible. The price of their SIEM product is reasonable, and you can pay for those services you want on top of that. It wasn't cheap, but it's competitive, and we intend to renew our contract."
"The upfront costs have increased, and we have been locked into this contract. The cost of changing over from it is way too high."
"You are paying for different levels, especially as far as the monitoring goes and how often you review it with the team. The other factor that figures in is how many nodes are on your network, such as clients, network equipment, servers, etc. There are some additional pieces on top of that, but it's laid out pretty simply, as far as how much you're going to pay for a node."
"Our budget follows the calendar year. We just started a new budget year at the beginning of the month. We did budget for an increase in our threat management system selection. Therefore, we have the budget to implement and accommodate a threat management system change, including an increase for the quoted actions that we received to improve EventTracker. We are just waiting on our council to approve that budget, which might not be for a little while. Hopefully, when they do, we will be able to jump on doing something."
"In the security space, it's hard to quantify your return on investment. So, I don't. We spend about $40,000 a year and so. It's hard to say if the SIEM saved that much money."
"The pricing and licensing seem very reasonable. The managed service part of it feels like it gives me the equivalent of a full-time engineer for a lot less money. So, I feel it's a good value."
"Our pricing for Netsurion last year was US $52,000 per year."
"EventTracker's subscription-based model is interesting as far as yearly license type stuff. It's nice because you know what it's going to be next year. We haven't really looked at any other solutions. The pricing at the time compared to the other solutions was a lot less. A couple of years ago, we actually looked at Splunk. The amount in Splunk's licensing model is based on 20 gigs a day, or something like that. Based on our number of logs and stuff that we were already generating, the costs would be substantially more for the amount of logs that we would be getting."
"It’s a single license platform."
report
Use our free recommendation engine to learn which Extended Detection and Response (XDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Construction Company
11%
Outsourcing Company
10%
Performing Arts
10%
Manufacturing Company
9%
Manufacturing Company
13%
Comms Service Provider
9%
Computer Software Company
8%
Outsourcing Company
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
By reviewers
Company SizeCount
Small Business10
Midsize Enterprise7
Large Enterprise7
No data available
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
Ask a question
Earn 20 points
What is your experience regarding pricing and costs for Stellar Cyber Open XDR?
Pricing is a major benefit of Stellar Cyber Open XDR. I rate it between three and four on the cost scale. It offers f...
What needs improvement with Stellar Cyber Open XDR?
I am currently evaluating Stellar Cyber Open XDR in terms of their support. I do not see any major areas for improvem...
What is your primary use case for Stellar Cyber Open XDR?
I use Stellar Cyber Open XDR ( /products/stellar-cyber-open-xdr-reviews ) as a 24/7 security monitoring tool, especia...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Netsurion Managed Threat Protection, Netsurion EventTracker
No data available
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
The Salvation Army, The FRESH Market, Pacific Western Bank, NASA, American Academy of Orthopaedic Surgeons (AAOS), and Talbot’s Stores
Sumitomo Chemical USA, PlastiPak Packaging, University of Denver, Large California State Agency, Large Midwestern American City
Find out what your peers are saying about Netsurion vs. Stellar Cyber Open XDR and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.