Cortex XDR by Palo Alto Networks Reviews

Name: Cortex XDR by Palo Alto Networks
Brand: Palo Alto Networks
Rating: 4.2 (90 reviews)

Vendor: Palo Alto Networks

4.2 out of 5

90 reviews
95% willing to recommend

1,016 followers

Start review

What is Cortex XDR by Palo Alto Networks?

Cortex XDR by Palo Alto Networks delivers comprehensive endpoint security, integrating well with other systems to offer robust threat detection and real-time protection through AI-driven analytics.

Get the Cortex XDR by Palo Alto Networks Buyer's Guide and find out what your peers are saying about Cortex XDR by Palo Alto Networks, CrowdStrike Falcon, Microsoft Defender for Endpoint and more!

Cortex XDR by Palo Alto Networks is the #2 ranked solution in top Ransomware Protection solutions, #4 ranked solution in endpoint security software, #4 ranked solution in top AI-Powered Cybersecurity Platforms solutions, and #7 ranked solution in XDR Security products. PeerSpot users give Cortex XDR by Palo Alto Networks an average rating of 8.4 out of 10. Cortex XDR by Palo Alto Networks is most commonly compared to CrowdStrike Falcon: Cortex XDR by Palo Alto Networks vs CrowdStrike Falcon. Cortex XDR by Palo Alto Networks is popular among the large enterprise segment, accounting for 56% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 14% of all views.

Buyer's Guide

Cortex XDR by Palo Alto Networks

April 2025

Get the report

Helped 849,686 peers since 2012

Featured Cortex XDR by Palo Alto Networks reviews

Mohammad Qaw

Senior Security Consultant at helpag

The solution perfectly correlates with Palo Alto's Networks Firewall to perform XDR capabilities such as network traffic plus endpoint security. This is what distinguishes the solution from other products. From a single pane of glass, you can easily manage all of your endpoints. The dashboard is intuitive so you can easily investigate or track incidents. The solution has a fair amount of integrations with certain intelligence tools or third-party products.

Read full review

NiteshSharma

Pre-Sales Architect at network techlab

Cortex XDR by Palo Alto Networks ( /products/cortex-xdr-by-palo-alto-networks-reviews ) is a good product, serving as a next-generation antivirus with extended detection and response features. It offers threat prevention, behavioral control, automation in threat response, and analytics capabilities, which enhance security measures. The product provides automation responses in case of a threat attack, severity assessments, centralized manageability, and comprehensive compliance features, resulting in reduced costs.

Read full review

EhabAli

Sr. Cybersecurity Solutions Architect at BMB

Some of my customers have McAfee, Symantec, or Kaspersky. Palo Alto can integrate with other vendors, so it's not locked to one single vendor. Other vendors like Trend Micro, Bitdefender, CrowdStrike, etc. have limitations on log collection from other places. On Palo Alto's datasheet, it tells you that it can talk to Check Point, Fortinet, etc. It's pretty awesome. I believe this is a huge advantage that allows us to implement Cortex anywhere.

Read full review

Cortex XDR by Palo Alto Networks mindshare

Product category:

As of May 2025, the mindshare of Cortex XDR by Palo Alto Networks in the Endpoint Protection Platform (EPP) category stands at 3.9%, down from 5.1% compared to the previous year, according to calculations based on PeerSpot user engagement data.

Endpoint Protection Platform (EPP)

PeerResearch reports based on Cortex XDR by Palo Alto Networks reviews

Type	Title	Date
Category	Endpoint Protection Platform (EPP)	Apr 30, 2025	Download
Product	Reviews, tips, and advice from real users	Apr 30, 2025	Download
Comparison	Cortex XDR by Palo Alto Networks vs Microsoft Defender for Endpoint	Apr 30, 2025	Download
Comparison	Cortex XDR by Palo Alto Networks vs CrowdStrike Falcon	Apr 30, 2025	Download
Comparison	Cortex XDR by Palo Alto Networks vs SentinelOne Singularity Complete	Apr 30, 2025	Download

Title	Rating	Mindshare	Recommending
CrowdStrike Falcon	4.3	11.1%	96%	126 interviews Add to research
Microsoft Defender for Endpoint	4.1	10.9%	94%	194 interviews Add to research

Valuable Features

Cortex XDR by Palo Alto Networks excels in endpoint and server security with advanced threat detection, machine learning capabilities, and behavior-based analytics. It seamlessly integrates with other Palo Alto products, offering centralized management, user-friendly dashboards, and extensive visibility. Its strong malware protection, customizable policies, and sandboxing enhance security measures. Users appreciate its integration capabilities, rapid threat response, and network traffic monitoring, benefiting from artificial intelligence-driven insights and low resource consumption.

"On a scale from one to ten, I would rate Cortex XDR by Palo Alto Networks a nine."
"Cortex XDR is stable, offering high quality and reliable performance."
"Cortex XDR features advanced threat detection capabilities."

Room for Improvement

Cortex XDR by Palo Alto Networks requires enhancements in user interface, reporting customization, false positive reduction, and better integration with third-party tools. Performance issues arise from high memory usage and the complexity of setup and management. Features such as improved endpoint management, real-time monitoring, and threat detection need refinement. Users express a desire for enhanced automation, on-premises options, and support for additional operating systems, alongside improved customer education and pricing structures.

"I recommend adding a data loss prevention (DLP) solution to Cortex XDR by Palo Alto Networks. The inclusion of this feature would allow the application of DLP policies alongside antivirus policies via a single agent and console, making it more competitive as other OEMs often offer DLP solutions as part of their antivirus products."
"Cortex XDR could improve its sales support team, including better commission structures and referral programs."
"Cortex XDR could improve its sales support team, including better commission structures and referral programs."

ROI

Users indicate significant ROI from Cortex XDR by Palo Alto Networks due to malware incident reduction. They experience decreased breaches, enhanced security, compliance support, operational savings, and increased performance. Multiple solutions are replaced, reducing administrative efforts. Ransomware attacks are prevented, providing confidence in network safety. Users find the tool cost-effective, appreciating the rich telemetry data. Cortex XDR by Palo Alto Networks aligns with company goals to secure data and maintain integrity across web-based and on-premise applications.

Pricing

Cortex XDR by Palo Alto Networks is perceived as expensive by many users, though some find it reasonably priced given its robust features. The pricing structure is flexible, allowing licenses to adjust based on user numbers, and additional costs may arise for advanced options like secure remote access. The solution is offered with an annual or monthly subscription model. Discounts may be negotiated through local dealers, with prices around $55 to $90 USD per endpoint per month.

"The tool's price is moderate."
"Compared to CrowdStrike, Cortex XDR is an expensive solution."
"The cost depends on your chosen license type, like Pro or other licenses."

Popular Use Cases

Organizations primarily use Cortex XDR by Palo Alto Networks for endpoint protection, incident detection, and threat response. It focuses on identifying and mitigating malware, exploits, and suspicious activities on endpoints and servers. The tool combines antivirus capabilities with endpoint detection and response, ensuring protection against unauthorized access and ransomware threats. Cortex XDR also provides comprehensive visibility by integrating with firewalls and other network systems, facilitating advanced threat analytics and behavioral control.

Service and Support

Customers have mixed experiences with Cortex XDR by Palo Alto Networks' support. Many praise them for their fast response, expertise, and helpfulness. Some have faced challenges with communication and technical knowledge variability. Generally, customer service is deemed satisfactory but can be inconsistent in availability, especially for complex or urgent cases, leading to occasional frustration. Certain regions experience longer wait times or difficulties in direct access, influencing perceptions of efficiency and clarity.

Deployment

Users found the initial setup of Cortex XDR by Palo Alto Networks generally straightforward, with deployment times varying from minutes to months depending on infrastructure and resources. Cloud-based deployments tended to be quicker, while on-premises setups required more preparation. Some users mentioned needing multiple personnel, while others managed with minimal staff. Experience and familiarity with infrastructure positively impacted the ease of setup. Dynamic updates and cloud management facilitated simplified maintenance.

Scalability

Cortex XDR by Palo Alto Networks is highly scalable, used by thousands of employees across various organizations, effortlessly handling thousands of endpoints. It allows deployment on a wide range of devices and operating systems without issues, leveraging cloud capabilities for efficient scaling. Organizations can expand their usage as needed, only requiring license adjustments. Its architecture supports large enterprises, providing robust data processing and analysis, ensuring seamless scalability even with significant numbers of users and endpoints.

Stability

Cortex XDR by Palo Alto Networks is praised for its stability and high performance. Users report no significant issues, with no bugs or glitches, and it's known not to crash or freeze. It's reliable, highly stable, and rated well for stability. Instances of instability are rare, typically linked to early versions or upgrades. Cortex XDR's consistent performance and strong security make it a preferred choice, setting a high standard in its category.

These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.

Download our Cortex XDR by Palo Alto Networks Buyer's Guide for additional reliable information.

Review data by company size

By reviewers

By visitors reading reviews

Top industries

By visitors reading reviews

Computer Software Company

14%

Financial Services Firm

Manufacturing Company

Government

Comms Service Provider

University

Retailer

Healthcare Company

Educational Organization

Construction Company

Energy/Utilities Company

Insurance Company

Real Estate/Law Firm

Media Company

Non Profit

Legal Firm

Hospitality Company

Wholesaler/Distributor

Outsourcing Company

Recreational Facilities/Services Company

Transportation Company

Performing Arts

Recruiting/Hr Firm

Logistics Company

Pharma/Biotech Company

Consumer Goods Company

Compare Cortex XDR by Palo Alto Networks with alternative products

Learn more about Cortex XDR by Palo Alto Networks

Cortex XDR by Palo Alto Networks offers advanced endpoint protection and threat detection through AI and behavior-based analytics. Its user-friendly design simplifies integration with firewalls, delivering multi-layered protection with low resource consumption. Valued for policy management, USB control, and incident correlation, Cortex XDR enhances threat management and real-time threat hunting capabilities. However, users note challenges with third-party integration, reporting, and dashboard automation. Agent performance across operating systems and memory consumption are areas for improvement, alongside reducing false positives and simplifying endpoint management and setup.

What features does Cortex XDR offer?

Behavior-Based Detection: Analyzes user behavior to identify suspicious activities.
AI Analytics: Utilizes AI for accurate threat detection and response.
Real-Time Protection: Provides immediate defense against threats.
Policy Management: Allows customization of security policies across endpoints.
USB Control: Regulates USB device access for added security.
Incident Correlation: Connects and analyzes various security events for better response.
Firewall Integration: Seamlessly works with firewalls for enhanced security.
Machine Learning Capabilities: Continuously improves threat detection precision.

What benefits should be considered in reviews?

Low Resource Consumption: Efficient security functions without taxing system resources.
Multi-Layered Protection: Comprehensive security across multiple attack vectors.
User-Friendly Interface: Intuitive design for easier management.
Enhanced Threat Management: Identifies and mitigates threats effectively.
Real-Time Threat Hunting: Proactively searches for and mitigates potential threats.

Cortex XDR is crucial in industries requiring robust endpoint protection, such as finance, healthcare, and technology. It supports malware detection, behavioral analysis, and ransomware mitigation across endpoints, including remote work environments, providing comprehensive threat visibility and security policy management. The solution's integration with firewalls and specialized industry requirements enhances security posture in diverse operational settings.

Cortex XDR by Palo Alto Networks was previously known as Cyvera, Cortex XDR, Palo Alto Networks Traps.