Try our new research platform with insights from 80,000+ expert users

Palo Alto Networks Cortex XSOAR vs Swimlane comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 5, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Palo Alto Networks Cortex X...
Ranking in Security Orchestration Automation and Response (SOAR)
2nd
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
47
Ranking in other categories
SOC as a Service (2nd)
Swimlane
Ranking in Security Orchestration Automation and Response (SOAR)
9th
Average Rating
7.6
Reviews Sentiment
7.0
Number of Reviews
9
Ranking in other categories
AI-Powered Security Automation (2nd)
 

Mindshare comparison

As of July 2025, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of Palo Alto Networks Cortex XSOAR is 10.4%, down from 12.6% compared to the previous year. The mindshare of Swimlane is 3.2%, down from 3.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

NikhilSharma2 - PeerSpot reviewer
Ability to multiple playbooks to fetch data from multiple firewalls and utomated several tasks, including vulnerability scans and SOCL (Security Orchestration, Automation
Recently, they started implementing microservices in XSOAR, which has improved quality and addressed previous issues. However, they should focus more on licensing costs. The user licensing fees are quite high. For example, I received a quote for XSOAR, and it was $12,000 per user per year. If you have a SOC team of 30 members/analysts, you're looking at a substantial expense. They should consider reducing these costs since this high pricing seems to be more about profit. So, there is room for improvement in the pricing. Moreover, the reporting and dashboard features are decent but could be improved. The user interface (UI) is quite heavy and takes time to load, which is a major drawback.
Srikanth Nuthalapati - PeerSpot reviewer
Great support, scalable, and easier to code
The stability of the solution has room for improvement. I would like Swimlane to provide a single space where we can go to code, build, and automate. Where we have a provision to create tables, playbooks, and tables to produce results, connect all the dots, and make the flow automated. This would make it much easier to navigate than having to jump to different places. I would like to have a single button to click that would start me on the journey of creating my own code from the ground up, from the workflow algorithm to the automation process. This would be simpler than what I had with Splunk Phantom, where I had to piece things together and connect the dots to get the full picture. With this new feature, I could create the full picture with just one button click.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The automation part and the playbook creation part are awesome. The way it is responding to the customers and incidents is also very good. In the SOC environment, I guess it will carry out around 50% of the work."
"Each incident collected is orchestrated with automation that selects the security analyst to be involved, or provides complex execution plans for managing security incidents."
"It’s easy to install."
"It is quite scalable. I would rate it a ten out of ten."
"The orchestration in XSOAR is significantly easier compared to other SOAR tools I've used."
"The most valuable features are simplicity and ease of integration."
"What I appreciate most about Palo Alto Networks Cortex XSOAR is that it is very open, even more so than Anomali."
"The most valuable features of Palo Alto Networks Cortex XSOAR are the remote controller from the workstation that can execute commands and isolate the systems outside of the network. Only the system with an internet connection can execute the task because the main console is in the cloud."
"Swimlane enables two SOC analysts to work efficiently as much as ten analysts would without Swimlane, which translates to significant manpower savings."
"The technical support from Swimlane is very good."
"Swimlane saves us 80 to 90 percent of our time by quickly helping us design the journey and efficiently passing information to various components."
"On a scale of one to ten, this solution deserves a rating of nine."
"Our primary goal was to reduce analyst time, and we have been successful in that."
"The most valuable feature of the solution is the support."
"Swimlane is a very effective way to represent workflows involving multiple users."
"It provides us with a single portal for our logs from different solutions."
 

Cons

"In terms of improvement, it needs to be more modular. It's not. When you're working in layouts and you create specific apps within layouts, there's no portability right now in order to reuse that code across multiple layouts. I can't take a tab and say I want to use this tab on these other layouts. I have to physically go in there and recreate it from scratch, which is maddening."
"The solution’s price and technical support could be improved."
"It doesn't offer automatic internet reports out of the box."
"The user interface (UI) is quite heavy and takes time to load, which is a major drawback."
"The product can be tailored for each deployment to respond to specific customer needs, and this complexity may be seen as a downside."
"The solution's technical support could be better."
"Its dashboard features need improvement."
"Palo Alto needs to develop more AI-centric products."
"We faced a lot of issues with the product’s stability."
"I would prefer to have more colors added to represent different risks or notations, which can be used for the prioritization of risks and the significance of information."
"Swimlane's search bar is not working effectively, and there is no option to differentiate between two cases at the same time."
"Swimlane is not scalable because it is not exposed. Currently, it's a manual component that requires configuration through coding."
"The stability of the solution has room for improvement."
"There is a need for enhanced version control in Swimlane. Currently, our version does not support it, making it tough to move changes between environments during significant updates."
"I would like to see improvements in the minor bugs that occur with each update, as some features might have issues."
"The initial setup and deployment are complex."
 

Pricing and Cost Advice

"There is a yearly license required for this solution and it is expensive."
"Cortex XSOAR's price could be lower."
"The price of Palo Alto Networks Cortex XSOAR is expensive."
"The solution's cost is high."
"The solution is a bit on the expensive side."
"The pricing is fair. The pricing reflects the value and feature set it offers."
"From the cost perspective, I have heard that its price is a bit high as compared to other similar products."
"The solution is based on an annual licensing model that is expensive."
Information not available
report
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
860,632 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
12%
Manufacturing Company
10%
Government
7%
Financial Services Firm
16%
Computer Software Company
12%
Manufacturing Company
9%
Government
9%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for Palo Alto Networks Cortex XSOAR?
Even though customers often comment on the price, the potential savings come from managing a large number of security events with a limited number of analysts. This leads to economic advantages des...
What needs improvement with Palo Alto Networks Cortex XSOAR?
For Palo Alto Networks Cortex XSOAR, there is always room for improvement. One of the significant issues we encounter is system slowdown when we receive an influx of alerts, which inhibits how quic...
What do you like most about Swimlane?
It provides us with a single portal for our logs from different solutions.
What needs improvement with Swimlane?
Swimlane should enhance its integration features beyond the current task assignment, reaction, and persistence capabilities. It should support integrations with multiple signals or queues. Addition...
What is your primary use case for Swimlane?
Swimlane is used for tasks that need multiple task owners. For instance, with bank applications, if you're opening a new account or need KYC, the application might undergo several stages - from sub...
 

Also Known As

Demisto Enterprise, Cortex XSOAR, Demisto
No data available
 

Overview

 

Sample Customers

Cellcom Israel, Blue Cross and Blue Shield of Kansas City, esri, Cylance, Flatiron Health, Veeva, ADT Cybersecurity
LinkedIn, TransUnion, Citrix, Aetna, Perspecta
Find out what your peers are saying about Palo Alto Networks Cortex XSOAR vs. Swimlane and other solutions. Updated: June 2025.
860,632 professionals have used our research since 2012.