No more typing reviews! Try our Samantha, our new voice AI agent.

Nyotron PARANOID vs ThreatLocker Zero Trust Platform comparison

Sponsored
 

Comparison Buyer's Guide

Executive SummaryUpdated on Mar 17, 2026

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Protection Platform (EPP)
4th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
114
Ranking in other categories
Endpoint Detection and Response (EDR) (6th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Nyotron PARANOID
Ranking in Endpoint Protection Platform (EPP)
58th
Average Rating
8.6
Reviews Sentiment
7.0
Number of Reviews
2
Ranking in other categories
No ranking in other categories
ThreatLocker Zero Trust Pla...
Ranking in Endpoint Protection Platform (EPP)
5th
Average Rating
9.4
Reviews Sentiment
7.1
Number of Reviews
79
Ranking in other categories
Network Access Control (NAC) (4th), Advanced Threat Protection (ATP) (4th), Application Control (1st), ZTNA as a Service (5th), ZTNA (5th), Ransomware Protection (1st)
 

Mindshare comparison

As of July 2026, in the Endpoint Protection Platform (EPP) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.8%, up from 3.7% compared to the previous year. The mindshare of Nyotron PARANOID is 0.5%, up from 0.1% compared to the previous year. The mindshare of ThreatLocker Zero Trust Platform is 1.3%, up from 0.8% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Protection Platform (EPP) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.8%
ThreatLocker Zero Trust Platform1.3%
Nyotron PARANOID0.5%
Other94.4%
Endpoint Protection Platform (EPP)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
Abel Browarnik - PeerSpot reviewer
CEO at Expertos Browarnik
A cost-effective security solution for endpoint protection
The initial setup is complex. It is rare to see an effective endpoint protection system that does not require some effort. It is neither on the cloud nor on-premises. You deploy it on every endpoint or server, irrespective of perimeter. You must use a deployment tool unless you prefer to do it manually on every endpoint or server. We used an automation tool to deploy it. Since we had MSI with us. We had to verify that everything worked, but it didn't take more than two weeks for 1000 endpoints.
Santo Joy - PeerSpot reviewer
Head Of Cyber Security at a outsourcing company with 201-500 employees
Security controls have been strengthened with granular application, ringfencing, and access policies
The features of ThreatLocker Zero Trust Endpoint Protection Platform that I like the most are the Ringfencing, elevation control, storage control, and application whitelisting functionality. For examples of how these features benefit my company, we were looking for a solution across various vendors to actually implement application whitelisting controls. ThreatLocker's agent, which is very lightweight and does not use much CPU or RAM, helped us achieve that solution. Ringfencing was an add-on that ticked off a lot of Australian framework security controls, which is the reason we chose it. My impression of the allowlisting feature in terms of managing which software, scripts, and libraries run on my devices is that ThreatLocker's community page has a lot of information around this, which is very helpful. Not only that, the Cyber Hero support that ThreatLocker provides gives us insights and best practices, helping us achieve that solution and guiding us to the right platform. The impact of Ringfencing on controlling the behavior of approved applications has been a big winner for us because it is something that many other platforms do not provide as a functionality. Having that allowed us to identify what applications talk to each other, which is something that many other platforms do not do. The network control feature impacts my ability to manage network traffic across my endpoints and servers. We have not used this widely across all our partners, but wherever required, we use it. It has been an easy solution for those customers to get that control implemented. The elevation feature's role in facilitating just-in-time administrative access for approved applications shows that elevation control helps in many use cases involving remote control platforms, door usage, and security system platforms that require local admins. There are many solutions that provide this functionality, but the licensing cost seems to be expensive, and it also adds another solution into the mix. Rather than doing that, we try to use ThreatLocker Zero Trust Endpoint Protection Platform to achieve that control. Regarding the storage control feature, I have used it. The primary function is USB blocking, which is very widely adopted, and also just locking down and allowing certain users to access certain file locations helps us there. When it comes to enforcing policy-driven access over various storage devices, it depends on the business risk adapted by the companies that we support, but generally the use case is USB and external storage devices where companies know that is a risk, but they do not have appropriate solutions. There are EDR platforms that claim to do this, but ThreatLocker Zero Trust Endpoint Protection Platform does it at an advanced level. My assessment of the efficiency of the real-time threat intelligence and category controls employed by Web Control in blocking malicious and non-compliant sites leads me to think that Web Control is another functionality within ThreatLocker Zero Trust Endpoint Protection Platform that is an add-on on top of the current set. That is another solution that we use based on what is required for the company, but again, that is not widely adapted yet for our partners.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Traps has drastically reduced our endpoint attack surface via advanced detection capabilities, sandboxing of never before seen programs, and by drastically limiting where executables can launch in the first place."
"The solution allows control over the user and his machine through Cortex XDR security policies."
"The most valuable for us is the correlation feature."
"Its ability to react to cyber data attacks is awesome. That is pretty much the use of it. What blows your mind is the ability to access your assets remotely and see what is actually going on with them. You can not only see them in a console. You can also react very rapidly to your assets that are compromised."
"We switched because there were a lot of added features with Palo Alto that Check Point didn't have, and it was an upgrade for us."
"WildFire AI is the best option for this product."
"It blocks malicious files, prevents attacks, and doesn't require many updates because it is a very light application."
"The solution doesn't need a high level of technical training."
"Nyotron protects your users and does not acquire any threat intelligence."
"This product really is the best solution for this security issue."
"First of all, it does the job. It prevents harm to the operating system. Also, the visibility it gives to the user and to the administrator is very good."
"The time saved from dealing with ransomware nonsense is invaluable."
"The biggest one that we focus on is the application control with ringfencing. That combination is very beneficial."
"Feature-wise, the learning mode and the fact that it's blocking everything are the most valuable. I don't see why more companies don't use the type of product."
"Our assessment of Elevation Control's role in facilitating Just-In-Time administrative access for approved applications is that we are loving it so far."
"Overall, I would rate ThreatLocker Zero Trust Endpoint Protection Platform a ten out of ten."
"ThreatLocker Zero Trust Endpoint Protection Platform benefits my company by allowing us to be preventative instead of being retroactive or reactive."
"ThreatLocker provides visibility into user activity and application usage, empowering organizations to define acceptable applications and web browsers."
"Customer service is good. The Cyber Hero program ensures there is always someone available to help."
 

Cons

"When it comes to malware files, it should be a little quick because, at times, it would give a wrong result in the sense of what it might be on malware, even if it still might be a normal one."
"It'll help if customization was easier."
"There's an overall lack of features."
"It's very time-consuming to log support issues and the people that answer the tickets aren't very knowledgeable."
"Cortex does not offer an on-premises solution. However, some customers would prefer not to be on the cloud. It would be ideal if it could offer something on-prem as well."
"If he is using a smaller company, he can depend on some other tools because Cortex XDR by Palo Alto Networks is a bit expensive."
"It tends to do 99.9% of things. The only thing I'd like is single sign-on authentication into their cloud platform so that my users can be properly authenticated against it."
"Cortex XDR could improve its sales support team, including better commission structures and referral programs."
"The solution should be available on Linux and other platforms, including mobile platforms such as Android and iOS."
"The main feature that is missing is to have the same solution on servers. Currently it's only protecting the client side, not the server. If they would add the server in the same solution, that would be great."
"Their product is solid. I have a hard time complaining much about it because when we do find little things, they are usually interface-related or related to things that would be nice to have."
"We also have customers who are frustrated because they cannot do what they used to do, which was run anything they wanted to."
"We have had a few instances where the local database gets corrupted and starts blocking random Windows DLLs, and the support team has always been very quick at helping us identify and remediate that."
"Sometimes it does block new things we try to run, but once we get them approved, it works perfectly and successfully blocks the things we want to be hindered."
"A valuable addition to ThreatLocker would be a column in the audit page displaying a VirusTotal score for each file."
"When I first came on board, it was trickier to learn."
"ThreatLocker Zero Trust Endpoint Protection Platform can be improved by making the installation easier."
"From my point of view, logging could be improved. Logging should be easier."
 

Pricing and Cost Advice

"We didn't have to pay any additional fee for the cloud instance. It just came with the renewal, which was nice."
"The pricing is a little high. It is per user per year."
"I feel it is fairly priced."
"The price of the product is not very economical."
"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"The solution has one subscription for endpoint protection and one subscription for detection and response. The two licenses combined give you the BRO version."
"When we first bought it, it was a bit expensive, but it was worth it. The licensing was straightforward."
"The price of the solution is high for the license and in general."
Information not available
"I do not deal with pricing, but I assume it is cost-effective for us. We choose a solution based on functionality and affordability."
"We have not had any real issues with the pricing. As they have added more features, due to the way our contracts are structured with our customers, we have had to hold off on adopting the new features because they do add costs."
"The pricing works fine for me. It's very reasonably priced."
"The pricing is fair and there is no hard sell."
"I find ThreatLocker's pricing to be reasonable for the services it provides."
"I can't complain. Cheaper would always be nice, but I think it's reasonable compared to other software in the cybersecurity market."
"The pricing is reasonable and normal. I do not have any problems with the cost."
"The price of ThreatLocker Allowlisting is reasonable in the market, but it is not fantastic."
report
Use our free recommendation engine to learn which Endpoint Protection Platform (EPP) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
No data available
Computer Software Company
13%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise53
No data available
By reviewers
Company SizeCount
Small Business53
Midsize Enterprise14
Large Enterprise11
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What needs improvement with Nyotron PARANOID?
There was an initial problem, we had to run the system in detection mode rather than prevention mode. The solution sh...
What is your primary use case for Nyotron PARANOID?
We use Nyotron PARANOID to protect endpoints. It serves as a second and last line of protection. It often detects thr...
What advice do you have for others considering Nyotron PARANOID?
They pushed updates frequently. Sometimes, an update breaks functionality, but it is easy to fix. It was an excellent...
What is your experience regarding pricing and costs for ThreatLocker Allowlisting?
My experience with pricing, setup cost, and licensing for ThreatLocker Zero Trust Endpoint Protection Platform is goo...
What needs improvement with ThreatLocker Allowlisting?
My experience with ThreatLocker Zero Trust Platform has been fairly good with not a lot of complaints. If I have to s...
What is your primary use case for ThreatLocker Allowlisting?
I currently work in the Enterprise GitLab platform for Scania where we have a lot of users using our GitLab platform ...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
No data available
Protect, Allowlisting, Network Control, Ringfencing
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
El Al Airlines
Information Not Available
Find out what your peers are saying about Nyotron PARANOID vs. ThreatLocker Zero Trust Platform and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.