Try our new research platform with insights from 80,000+ expert users

Palo Alto Networks Cortex XSOAR vs Swimlane comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Dec 5, 2024

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Palo Alto Networks Cortex X...
Ranking in Security Orchestration Automation and Response (SOAR)
2nd
Average Rating
8.4
Reviews Sentiment
6.9
Number of Reviews
47
Ranking in other categories
SOC as a Service (2nd)
Swimlane
Ranking in Security Orchestration Automation and Response (SOAR)
9th
Average Rating
7.6
Reviews Sentiment
7.0
Number of Reviews
9
Ranking in other categories
AI-Powered Security Automation (2nd)
 

Mindshare comparison

As of July 2025, in the Security Orchestration Automation and Response (SOAR) category, the mindshare of Palo Alto Networks Cortex XSOAR is 10.4%, down from 12.6% compared to the previous year. The mindshare of Swimlane is 3.2%, down from 3.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Security Orchestration Automation and Response (SOAR)
 

Featured Reviews

NikhilSharma2 - PeerSpot reviewer
Ability to multiple playbooks to fetch data from multiple firewalls and utomated several tasks, including vulnerability scans and SOCL (Security Orchestration, Automation
Recently, they started implementing microservices in XSOAR, which has improved quality and addressed previous issues. However, they should focus more on licensing costs. The user licensing fees are quite high. For example, I received a quote for XSOAR, and it was $12,000 per user per year. If you have a SOC team of 30 members/analysts, you're looking at a substantial expense. They should consider reducing these costs since this high pricing seems to be more about profit. So, there is room for improvement in the pricing. Moreover, the reporting and dashboard features are decent but could be improved. The user interface (UI) is quite heavy and takes time to load, which is a major drawback.
Srikanth Nuthalapati - PeerSpot reviewer
Great support, scalable, and easier to code
The stability of the solution has room for improvement. I would like Swimlane to provide a single space where we can go to code, build, and automate. Where we have a provision to create tables, playbooks, and tables to produce results, connect all the dots, and make the flow automated. This would make it much easier to navigate than having to jump to different places. I would like to have a single button to click that would start me on the journey of creating my own code from the ground up, from the workflow algorithm to the automation process. This would be simpler than what I had with Splunk Phantom, where I had to piece things together and connect the dots to get the full picture. With this new feature, I could create the full picture with just one button click.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable features of Cortex XSOAR include its vast library of plugins, which allow us to integrate various tools and solutions seamlessly."
"The automation is excellent."
"Palo Alto is easy to use."
"It is a scalable solution."
"The most valuable features of Palo Alto Networks Cortex XSOAR are the remote controller from the workstation that can execute commands and isolate the systems outside of the network. Only the system with an internet connection can execute the task because the main console is in the cloud."
"It was useful as a ticketing tool."
"Palo Alto has gotten the investigators more presence to actually go in the report because being that the platform will email the investigator that it's been assigned to, now the investigators will jump in there and start going through the review process a lot quicker."
"The orchestration in XSOAR is significantly easier compared to other SOAR tools I've used."
"We are using it for a SOAR platform at a Cyber Security company which is MSSP."
"Swimlane saves us 80 to 90 percent of our time by quickly helping us design the journey and efficiently passing information to various components."
"The technical support from Swimlane is very good."
"It provides us with a single portal for our logs from different solutions."
"The most valuable feature of the solution is the support."
"On a scale of one to ten, this solution deserves a rating of nine."
"Swimlane enables two SOC analysts to work efficiently as much as ten analysts would without Swimlane, which translates to significant manpower savings."
"Swimlane is a very effective way to represent workflows involving multiple users."
 

Cons

"The dashboard could be better."
"I would like to see Cortex become less dependent on Active Directory and group policies to manage the deployment. Maybe I need to update my understanding of how to deploy it, but that's the way I know how to use it."
"The solution is complicated to learn."
"There should be an on-premise version available for customers to have different choices."
"XSOAR could have more integration options."
"It's only one cloud right now. It might be helpful for some companies to have an on-premies option."
"I would love to see more flexibility on what we can display and design on the dashboards."
"The integration could be better. Cortex, for example, does not work with iPhone."
"There is a need for enhanced version control in Swimlane. Currently, our version does not support it, making it tough to move changes between environments during significant updates."
"We faced a lot of issues with the product’s stability."
"I would prefer to have more colors added to represent different risks or notations, which can be used for the prioritization of risks and the significance of information."
"I would like to see improvements in the minor bugs that occur with each update, as some features might have issues."
"The initial setup and deployment are complex."
"The stability of the solution has room for improvement."
"Swimlane's search bar is not working effectively, and there is no option to differentiate between two cases at the same time."
"Swimlane is not scalable because it is not exposed. Currently, it's a manual component that requires configuration through coding."
 

Pricing and Cost Advice

"The solution's pricing needs improvement."
"The solution is based on an annual licensing model that is expensive."
"The price of Palo Alto Networks Cortex XSOAR is comparable to other solutions in the market."
"It is approx $10,000 or $20,000 per year for two user licenses."
"The solution's cost is reasonable."
"The price of Palo Alto Networks Cortex XSOAR is expensive."
"From the cost perspective, I have heard that its price is a bit high as compared to other similar products."
"Palo Alto offers significant discounts to customers who purchase the products repeatedly."
Information not available
report
Use our free recommendation engine to learn which Security Orchestration Automation and Response (SOAR) solutions are best for your needs.
859,957 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
15%
Computer Software Company
12%
Manufacturing Company
10%
Government
7%
Financial Services Firm
16%
Computer Software Company
12%
Manufacturing Company
9%
Government
8%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What is your experience regarding pricing and costs for Palo Alto Networks Cortex XSOAR?
Even though customers often comment on the price, the potential savings come from managing a large number of security events with a limited number of analysts. This leads to economic advantages des...
What needs improvement with Palo Alto Networks Cortex XSOAR?
For Palo Alto Networks Cortex XSOAR, there is always room for improvement. One of the significant issues we encounter is system slowdown when we receive an influx of alerts, which inhibits how quic...
What do you like most about Swimlane?
It provides us with a single portal for our logs from different solutions.
What needs improvement with Swimlane?
Swimlane should enhance its integration features beyond the current task assignment, reaction, and persistence capabilities. It should support integrations with multiple signals or queues. Addition...
What is your primary use case for Swimlane?
Swimlane is used for tasks that need multiple task owners. For instance, with bank applications, if you're opening a new account or need KYC, the application might undergo several stages - from sub...
 

Also Known As

Demisto Enterprise, Cortex XSOAR, Demisto
No data available
 

Overview

 

Sample Customers

Cellcom Israel, Blue Cross and Blue Shield of Kansas City, esri, Cylance, Flatiron Health, Veeva, ADT Cybersecurity
LinkedIn, TransUnion, Citrix, Aetna, Perspecta
Find out what your peers are saying about Palo Alto Networks Cortex XSOAR vs. Swimlane and other solutions. Updated: June 2025.
859,957 professionals have used our research since 2012.