No more typing reviews! Try our Samantha, our new voice AI agent.
Cortex XDR by Palo Alto Networks Logo

Cortex XDR by Palo Alto Networks pros and cons

Vendor: Palo Alto Networks
4.2 out of 5
Badge Ranked 1
Leave a review

Pros & Cons summary

Cortex XDR by Palo Alto Networks offers robust endpoint and server security, known for stability, scalability, and ease of use, excelling in advanced threat prevention and enhanced detection with automation. Despite seamless integration with Palo Alto firewalls, challenges include Windows, Linux, and Mac version gaps, high pricing, complex setup, limited third-party integration, and difficult support. Cortex XDR efficiently supports large enterprises but may not suit smaller businesses due to cost concerns and functionality issues.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Cortex XDR by Palo Alto Networks provides robust endpoint and server security, significantly reducing attack surfaces and improving detection capabilities.
The platform excels in advanced threat prevention, employing machine-learning and behavior-based analytics to combat modern threats.
Its seamless integration with Palo Alto firewalls provides comprehensive security and allows for efficient management of endpoint devices.
Cortex XDR by Palo Alto Networks is known for its stability and scalability, effectively supporting large enterprises with ease of use.
The platform offers enhanced threat detection and incident response through automation and playbooks that streamline processes and reduce workloads.

CONS

Cortex XDR by Palo Alto Networks has a severe gap in functionality between Windows, Linux, and Mac versions, affecting features like folder restriction settings.
Support from Palo Alto Networks is criticized for being difficult to contact and lacking knowledgeable assistance.
The price of Cortex XDR by Palo Alto Networks is high and not considered cost-effective, especially for smaller businesses.
Cortex XDR by Palo Alto Networks struggles with integration, particularly with third-party solutions and internal products.
The setup and configuration of Cortex XDR by Palo Alto Networks are complex, making implementation challenging.
 

Cortex XDR by Palo Alto Networks Pros review quotes

ManagerO5d72 - PeerSpot reviewer
ManagerO5d72
Manager of InfoSec at Jo-Ann Stores
Dec 12, 2018
Traps has drastically reduced our endpoint attack surface via advanced detection capabilities, sandboxing of never before seen programs, and by drastically limiting where executables can launch in the first place.
Read full review
RH
Rob Haller
Security Engineer at U.S. Acute Care Solutions
Jan 10, 2019
We've had a significant increase in blocking with a decrease in false positives, because it's looking at how the files work, not just a list of files that it's been told to look for.
Read full review
LT
Luke Teeters
Lead IT Security Analyst at a mining and metals company with 1,001-5,000 employees
Jan 17, 2019
The multi-layered approach to the product gives you confidence that it will stop exploits, ransomware, worms, or viruses from compromising endpoints, essentially providing peace of mind.
Read full review
Buyer's Guide
Cortex XDR by Palo Alto Networks
April 2026
Free Report: Cortex XDR by Palo Alto Networks Reviews and More
Learn what your peers think about Cortex XDR by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: April 2026.
DOWNLOAD NOW
886,932 professionals have used our research since 2012.
OS
Omar Sánchez (Mr.Tech)
Information Security Advisor, CISO & CIO, Docutek Services at Docutek Services
Feb 7, 2019
If the user leaves our premises or network, Palo Alto Traps will still be on that endpoint and will still apply our policies.
Read full review
SH
Saidatta HIndlekar
Manager Information Technology at Avendus
Feb 7, 2019
It blocks malicious files. It prevents attacks. It doesn't require many updates, it's a very light application.
Read full review
AK
Amjad Khan
Information Technology Manager at a hospitality company with 10,001+ employees
Feb 7, 2019
After deploying Traps, we saw the performance of the network improve by 65 to 70 percent.
Read full review
Netw9886 - PeerSpot reviewer
Netw9886
Network Manager of Cyber Defence at a government with 1,001-5,000 employees
Feb 11, 2019
The most valuable features are the fact that it was running in the background and it would intercept any weird stuff, and the fact that it would send things directly to the cloud for sandboxing. It's quite practical.
Read full review
RR
Raul Rivera
Cybersecurity Engineer at GFR Media
Oct 7, 2019
The one feature of Palo Alto Networks Traps that our organization finds most valuable is the App ID service.
Read full review
Traps677 - PeerSpot reviewer
Traps677
IT-Administration at a mining and metals company with 51-200 employees
Jun 24, 2019
We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us.
Read full review
it_user1009236 - PeerSpot reviewer
it_user1009236
SOC Analyst at a tech services company with 201-500 employees
Jul 9, 2019
The stability of the solution is very good. We have about 100 users on it right now, and we use it twice a week.
Read full review
Show 10 more reviews (out of 107)
 

Cortex XDR by Palo Alto Networks Cons review quotes

ManagerO5d72 - PeerSpot reviewer
ManagerO5d72
Manager of InfoSec at Jo-Ann Stores
Dec 12, 2018
There is a severe gap in functionality between Windows, Linux, and Mac versions. For example all folder restriction settings are Windows only. Traps 5.0+ does not have SAML / LDAP integration.
Read full review
RH
Rob Haller
Security Engineer at U.S. Acute Care Solutions
Jan 10, 2019
They have the worst support, as a company, that I have ever worked with, as they are difficult to get a hold of and keep on the phone. They don't know what they are talking about when you get them on the phone. They don't like to respond to messages when you send them to them. They like to "research problems" for weeks on end, then pass you off to somebody else.
Read full review
LT
Luke Teeters
Lead IT Security Analyst at a mining and metals company with 1,001-5,000 employees
Jan 17, 2019
Previously, the endpoint would leave the environment, not being on our VPN, essentially unable to interact with the server to upload files. It was unable to retrieve new file verdicts. It was using a thing called "local analysis" to determine if something was a malicious file or not. There was no dynamic analysis.
Read full review
Buyer's Guide
Cortex XDR by Palo Alto Networks
April 2026
Free Report: Cortex XDR by Palo Alto Networks Reviews and More
Learn what your peers think about Cortex XDR by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: April 2026.
DOWNLOAD NOW
886,932 professionals have used our research since 2012.
OS
Omar Sánchez (Mr.Tech)
Information Security Advisor, CISO & CIO, Docutek Services at Docutek Services
Feb 7, 2019
Traps doesn't work with McAfee. You need to remove McAfee to install Traps. This is very common, and its nothing that should be an issue. Some antivirus engines recognize Traps as an threat component, so maybe they need to shake hands somewhere.
Read full review
SH
Saidatta HIndlekar
Manager Information Technology at Avendus
Feb 7, 2019
Managing the product should be easier.
Read full review
AK
Amjad Khan
Information Technology Manager at a hospitality company with 10,001+ employees
Feb 7, 2019
There are some default policies which sometimes affect our applications and cause them to run around. In the hotel industry, we use a different type of data versus Oracle and SQL. By default, there are some policies which stop us from running properly. Because of this, the support level is also not that strong. We have to wait to get a results.
Read full review
Netw9886 - PeerSpot reviewer
Netw9886
Network Manager of Cyber Defence at a government with 1,001-5,000 employees
Feb 11, 2019
There are some false positives. What our guys would have liked is that it would have been easier to manipulate as soon as they found a false positive that they knew was a false positive. How to do so was not obvious. Some people complained about it. The interface, the ESM, is not user-friendly.
Read full review
RR
Raul Rivera
Cybersecurity Engineer at GFR Media
Oct 7, 2019
It automatically detects security issues. It should be able to protect our network devices while operating autonomously.
Read full review
Traps677 - PeerSpot reviewer
Traps677
IT-Administration at a mining and metals company with 51-200 employees
Jun 24, 2019
Currently, if you use Palo Alto endpoint protection as the only solution it's very complicated to remove pre-existing threats.
Read full review
it_user1009236 - PeerSpot reviewer
it_user1009236
SOC Analyst at a tech services company with 201-500 employees
Jul 9, 2019
The solution needs better reports. I think they should let the customer go in and customize the reports.
Read full review
Show 10 more reviews (out of 107)

Product Categories

Product Categories
Extended Detection and Response (XDR)
Endpoint Protection Platform (EPP)
Endpoint Detection and Response (EDR)
Ransomware Protection
AI-Powered Cybersecurity Platforms

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Wazuh vs Cortex XDR by Palo Alto Networks Logo
Wazuh vs Cortex XDR by Palo Alto Networks
Darktrace vs Cortex XDR by Palo Alto Networks Logo
Darktrace vs Cortex XDR by Palo Alto Networks
SentinelOne Singularity Endpoint vs Cortex XDR by Palo Alto Networks Logo
SentinelOne Singularity Endpoint vs Cortex XDR by Palo Alto Networks
IBM Security QRadar vs Cortex XDR by Palo Alto Networks Logo
IBM Security QRadar vs Cortex XDR by Palo Alto Networks
Microsoft Sentinel vs Cortex XDR by Palo Alto Networks Logo
Microsoft Sentinel vs Cortex XDR by Palo Alto Networks
Varonis Platform vs Cortex XDR by Palo Alto Networks Logo
Varonis Platform vs Cortex XDR by Palo Alto Networks
Elastic Security vs Cortex XDR by Palo Alto Networks Logo
Elastic Security vs Cortex XDR by Palo Alto Networks
HP Wolf Security vs Cortex XDR by Palo Alto Networks Logo
HP Wolf Security vs Cortex XDR by Palo Alto Networks
Fortinet FortiEDR vs Cortex XDR by Palo Alto Networks Logo
Fortinet FortiEDR vs Cortex XDR by Palo Alto Networks
Tanium vs Cortex XDR by Palo Alto Networks Logo
Tanium vs Cortex XDR by Palo Alto Networks
Microsoft Defender XDR vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender XDR vs Cortex XDR by Palo Alto Networks
Trellix Endpoint Security Platform vs Cortex XDR by Palo Alto Networks Logo
Trellix Endpoint Security Platform vs Cortex XDR by Palo Alto Networks
WatchGuard Firebox vs Cortex XDR by Palo Alto Networks Logo
WatchGuard Firebox vs Cortex XDR by Palo Alto Networks
See all alternatives

Product Categories

Product Categories
Extended Detection and Response (XDR)
Endpoint Protection Platform (EPP)
Endpoint Detection and Response (EDR)
Ransomware Protection
AI-Powered Cybersecurity Platforms

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Wazuh vs Cortex XDR by Palo Alto Networks Logo
Wazuh vs Cortex XDR by Palo Alto Networks
Darktrace vs Cortex XDR by Palo Alto Networks Logo
Darktrace vs Cortex XDR by Palo Alto Networks
SentinelOne Singularity Endpoint vs Cortex XDR by Palo Alto Networks Logo
SentinelOne Singularity Endpoint vs Cortex XDR by Palo Alto Networks
IBM Security QRadar vs Cortex XDR by Palo Alto Networks Logo
IBM Security QRadar vs Cortex XDR by Palo Alto Networks
Microsoft Sentinel vs Cortex XDR by Palo Alto Networks Logo
Microsoft Sentinel vs Cortex XDR by Palo Alto Networks
Varonis Platform vs Cortex XDR by Palo Alto Networks Logo
Varonis Platform vs Cortex XDR by Palo Alto Networks
Elastic Security vs Cortex XDR by Palo Alto Networks Logo
Elastic Security vs Cortex XDR by Palo Alto Networks
HP Wolf Security vs Cortex XDR by Palo Alto Networks Logo
HP Wolf Security vs Cortex XDR by Palo Alto Networks
Fortinet FortiEDR vs Cortex XDR by Palo Alto Networks Logo
Fortinet FortiEDR vs Cortex XDR by Palo Alto Networks
Tanium vs Cortex XDR by Palo Alto Networks Logo
Tanium vs Cortex XDR by Palo Alto Networks
Microsoft Defender XDR vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender XDR vs Cortex XDR by Palo Alto Networks
Trellix Endpoint Security Platform vs Cortex XDR by Palo Alto Networks Logo
Trellix Endpoint Security Platform vs Cortex XDR by Palo Alto Networks
WatchGuard Firebox vs Cortex XDR by Palo Alto Networks Logo
WatchGuard Firebox vs Cortex XDR by Palo Alto Networks
See all alternatives
Related questions
  • 102
Which SIEM is best fit with Palo Alto Cortex XDR?
  • 110
Which product would you choose: Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks?
  • 132
Cortex XDR by Palo Alto vs. Sentinel One
  • 116
FortiXDR vs Cortex Pro - which is the best?
  • 135
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
  • 115
How is Cortex XDR compared with Microsoft Defender?
  • 41
Which is better - Cortex XDR or Symantec End-User Endpoint Security?
  • 26
How would you compare BlackBerry Protect vs Cortex XDR by Palo Alto Networks?
  • 131
What is the best EDR or XDR product for a company with 9000 employees?
  • 127
When evaluating Extended Detection and Response (XDR), what aspect do you think is the most important to look for?