No more typing reviews! Try our Samantha, our new voice AI agent.

Red Canary vs Uptycs comparison

Sponsored
 

Comparison Buyer's Guide

Executive Summary

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Cortex XDR by Palo Alto Net...
Sponsored
Ranking in Endpoint Detection and Response (EDR)
6th
Average Rating
8.4
Reviews Sentiment
6.8
Number of Reviews
113
Ranking in other categories
Endpoint Protection Platform (EPP) (4th), Extended Detection and Response (XDR) (4th), Ransomware Protection (2nd), AI-Powered Cybersecurity Platforms (1st)
Red Canary
Ranking in Endpoint Detection and Response (EDR)
37th
Average Rating
9.0
Reviews Sentiment
7.7
Number of Reviews
7
Ranking in other categories
Advanced Threat Protection (ATP) (24th), Managed Detection and Response (MDR) (12th), Risk-Based Vulnerability Management (16th)
Uptycs
Ranking in Endpoint Detection and Response (EDR)
51st
Average Rating
7.6
Reviews Sentiment
6.9
Number of Reviews
2
Ranking in other categories
Endpoint Protection Platform (EPP) (44th), Container Security (37th), Cloud Workload Protection Platforms (CWPP) (23rd), Extended Detection and Response (XDR) (39th), Cloud Security Posture Management (CSPM) (33rd), Cloud-Native Application Protection Platforms (CNAPP) (22nd), Cloud Detection and Response (CDR) (12th)
 

Mindshare comparison

As of July 2026, in the Endpoint Detection and Response (EDR) category, the mindshare of Cortex XDR by Palo Alto Networks is 3.6%, down from 3.9% compared to the previous year. The mindshare of Red Canary is 0.7%, up from 0.2% compared to the previous year. The mindshare of Uptycs is 0.5%, up from 0.1% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Endpoint Detection and Response (EDR) Mindshare Distribution
ProductMindshare (%)
Cortex XDR by Palo Alto Networks3.6%
Red Canary0.7%
Uptycs0.5%
Other95.2%
Endpoint Detection and Response (EDR)
 

Featured Reviews

ABHISHEK_SINGH - PeerSpot reviewer
Senior Process Expert at A.P. Moller - Maersk
Gained full visibility and streamlined threat detection through behavior-based insights and AI integration
Initially, we got to have a lot of false positives when we onboarded, but nowadays it's quite smooth. We have fine-tuned our security policies and allowed different levels of policies to get rid of those false positives. Currently, we are getting a fairly good amount of incidents that are not false positives or benign, but actionable items. The process is streamlined. In the initial days, the operations used to get involved in a lot of benign and other activities, but now the process is streamlined. We are leveraging the auto-detection and remediation plans. The operations teams are now more involved in other business roles as well, not just looking into the logs and fetching out what's happening there. They have fixed a lot of things. Initially, they didn't have IAC code drift detection, cloud posture management, or security posture management, but they have those now. They purchased different vendors and did a merger with that. They have now Prisma Cloud that gets integrated and now they are working with Cortex Cloud. Everything that was negative has now been addressed, and the product altogether looks to be in a very better and mature shape now. Currently, it's more or less detecting the workloads with AI-based best practices. Since most organizations are consuming AI agents and other things, we are looking forward to seeing what other feature enhancements Palo Alto can support in that.
JH
Head of Information Security and Privacy at Ovative Group
Gained trusted 24/7 threat coverage and now focus security efforts on architecture and design
In my experience, the best features Red Canary offers are their team, their monitoring team, their expertise at incident investigation, and a focus on suspicious or actual indicators of compromise to ensure that we're not spending time just reviewing logs, but that we're actually looking at things that may indicate we have broader issues. The Red Canary team's expertise stands out compared to others I've worked with because their team is organized into smaller pods that support a given number of clients, so they're not just a bevy of operators going around the clock. The teams themselves have coordination and cohesion, and they get to know us. Their integrations into the different platforms and systems that we use all line up with our needs, whereas a number of other platforms offered a different variety of integrations that did not line up with our requirements. Red Canary has positively impacted my organization because I don't have to spend and hire resources to look at logs, which has enabled us to do much more in terms of improving security across the organization. With the freed-up resources, we've been able to implement CSPM, SAST, software testing tooling, and engage much more closely with our developers and engineers to focus on secure architecture and design.
SangramGupta - PeerSpot reviewer
Security Consultant at Deloitte
Centralized visibility has improved risk-based vulnerability management but onboarding still needs simplification
From my perspective, the features of Uptycs that stand out more for my projects and organization are the vulnerability management, endpoint visibility, and asset inventory management features. I can share two specific outcomes that show this positive impact using Uptycs. First, it reduces significant time and effort from the asset inventory point of view because previously I needed to scan all of the assets which were in scope, but now I only scan those assets that are currently active and in scope, and the CMDB and asset inventory receive proper updates of those assets. Secondly, in vulnerability prioritization, I receive all the prioritized vulnerabilities so I can prioritize and mitigate or remediate them as soon as possible, which reduces the overall time of remediation as well.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"My advice for anybody who is considering Cortex XDR is that it is a complete solution, and has very good features."
"The user interface of the solution is sophisticated and straightforward."
"The dashboard is customizable."
"Cortex XDR is a very capable solution for protecting large networks and a lot of endpoints. It's very useful because the automation is very high, and if you combine it with the features on Palo Alto firewalls, it provides very strong protection."
"We switched because there were a lot of added features with Palo Alto that Check Point didn't have, and it was an upgrade for us."
"Cortex XDR by Palo Alto Networks has helped lighten the load of our security analysts because it was the major tool that we were using and the one we utilized most."
"The most valuable aspect of Cortex XDR by Palo Alto Networks for me is its integration with AI detection, where we get to know the behavioral detection based on users, traffic patterns, and different services that we consume."
"I like that the product has behavior-based detection which offers many benefits over signature-based detection."
"The near real-time review translates into near real-time action. So, in addition to alerting, Red Canary MDR has response playbooks built out."
"I am satisfied with this solution and it is very competitive with other similar EDR or MDR solutions because it provides very impressive information about the root cause of the threat, such as malware."
"The valuable features of this solution are it integrates well with different EDR software, such CrowdStrike, and Carbon Black, and the information it provides is helpful."
"Red Canary has impacted my organization positively because we treat any ticket triggered by them as high priority due to the fact that 99 percent of the time it is a true positive."
"Red Canary has positively impacted my organization because I don't have to spend and hire resources to look at logs, which has enabled us to do much more in terms of improving security across the organization."
"The solution works well for what we use it for and the support and protection are good."
"The most valuable feature of the solution is its automation part."
"I recommended Red Canary to my friends who work in other organizations."
"I have seen a return on investment from using Uptycs, saving almost 25 to 30 percent in terms of asset investigations or asset inventory management and vulnerability prioritization, which is significant."
"They have multiple great features."
 

Cons

"Technology evolves every day, so it would be nice if it gets more secure. It can also have more integration with other platforms."
"We have found that there are times Cortex XDR by Palo Alto Networks does not detect some of the viruses, we have to use another protection solution called Kaspersky."
"I don't like that they have different types of licenses. For example, if users select a license, they think they will have all the platforms they need to improve their network or security. But after some time, Palo Alto Networks changed their licensing, and some of the features that, for example, were free at the beginning now have a cost. I think the integration can be improved. For example, a lot of tools are just integrated through APIs."
"The solution lags to the real-time scenarios here and there."
"I have seen lagging with Cortex XDR by Palo Alto Networks. There was one time when we faced a threat actor trying to gain access to our system. When our team utilized the tool, we were all on the same dashboard and we faced a lag issue at that time of around five minutes, which was quite significant."
"We would also like to have advanced tech protection and email scanning."
"It tends to do 99.9% of things. The only thing I'd like is single sign-on authentication into their cloud platform so that my users can be properly authenticated against it."
"I feel that it should not be a licensed activity because a feature should allow us to see applications running on end devices."
"The most valuable feature of Red Canary MDR is the overall threat protection it provides."
"I wish Red Canary could have a graph that shows the endpoint, user, and how it spreads, providing a visual representation to easily identify what happened."
"Red Canary can be improved by continuing to add new features and capabilities to what they are looking at, including the types of data they're looking at and the types of systems that they're integrating with."
"In general, the solution currently fails to provide a summary to its users."
"The price could always be better."
"I would like there to be an on-premise version of this solution for our data centers because of the proliferation of online threats."
"Red Canary's pricing spectrum may not be ideal for smaller financial institutions."
"We end up facing a lot of issues after upgrades."
"Regarding improvements for Uptycs, I suggest simplified onboarding for complex cloud environments because the current onboarding method is complex and requires checks with the support team."
 

Pricing and Cost Advice

"We pay about $50,000 USD per year for a bundle that includes Cortex XDR."
"I don't like that they have different types of licenses."
"I don't have any issues with the pricing. We are satisfied with the price."
"This is an expensive solution."
"It has reasonable pricing for the use cases it provides to the company."
"When we first bought it, it was a bit expensive, but it was worth it. The licensing was straightforward."
"The price of the solution could be reduced. I have customers that have voiced that the solution is good for the value but if I want to sell more of the solution the price reduction would help."
"In terms of the cost Cortex XDR by Palo Alto Networks is very expensive because we are a Mexican company and when you translate dollars to pesos the cost is very high. The solution is very expensive for Mexican companies. I understand that they have international prices, but I do not think it offsets the price enough for many companies in countries, such as Mexico. The amount it is reduced is not a massive percentage."
"The solution could vary in price depending on how many endpoints a company has."
"I have not compared Red Canary to other solutions to know if the price is high or low. However, I have found the price of this solution fair and reasonable, it cost approximately $100 per year, per device. If they could provide the solution for $50 per year, per device, it would be better."
"Red Canary MDR I use is an open-source tool."
Information not available
report
Use our free recommendation engine to learn which Endpoint Detection and Response (EDR) solutions are best for your needs.
902,988 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Construction Company
12%
Financial Services Firm
11%
Manufacturing Company
10%
Comms Service Provider
9%
Financial Services Firm
9%
Construction Company
8%
Manufacturing Company
8%
Computer Software Company
8%
Financial Services Firm
19%
Construction Company
13%
Insurance Company
6%
Transportation Company
5%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
By reviewers
Company SizeCount
Small Business46
Midsize Enterprise21
Large Enterprise52
By reviewers
Company SizeCount
Small Business6
Large Enterprise2
No data available
 

Questions from the Community

Cortex XDR by Palo Alto vs. Sentinel One
Cortex XDR by Palo Alto vs. SentinelOne SentinelOne offers very detailed specifics with regard to risks or attacks. ...
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
Cortex XDR by Palo Alto vs. CrowdStrike Falcon Both Cortex XDR and Crowd Strike Falcon offer cloud-based solutions th...
How is Cortex XDR compared with Microsoft Defender?
Microsoft Defender for Endpoint is a cloud-delivered endpoint security solution. The tool reduces the attack surface,...
What needs improvement with Red Canary MDR?
Red Canary can be improved by continuing to add new features and capabilities to what they are looking at, including ...
What is your primary use case for Red Canary MDR?
My main use case for Red Canary is to ensure I can sleep at night by getting 24/7 coverage by a capable team to inves...
What needs improvement with Uptycs?
Regarding improvements for Uptycs, I suggest simplified onboarding for complex cloud environments because the current...
What is your primary use case for Uptycs?
I use Uptycs as part of cloud security threat detection, vulnerability management, and security operations initiative...
What advice do you have for others considering Uptycs?
My advice for others looking into using Uptycs is that if you are looking for a centralized solution for all security...
 

Also Known As

Cyvera, Cortex XDR, Palo Alto Networks Traps
Red Canary Managed Detection and Response (MDR)
No data available
 

Overview

 

Sample Customers

CBI Health Group, University Honda, VakifBank
DuPont, Quanta Services, Microchip Technology, Hopkins Public Schools, Henny Penny, Schumacher Homes
Comcast, Crossbeam, Flexport, Greenlight Financial, Lookout Security, PayNearMe
Find out what your peers are saying about Red Canary vs. Uptycs and other solutions. Updated: June 2026.
902,988 professionals have used our research since 2012.