Try our new research platform with insights from 80,000+ expert users
Cortex XDR by Palo Alto Networks Logo

Cortex XDR by Palo Alto Networks Reviews

Vendor: Palo Alto Networks
4.2 out of 5
Badge Leader
Leave a review

What is Cortex XDR by Palo Alto Networks?

Cortex XDR by Palo Alto Networks delivers comprehensive endpoint security, integrating well with other systems to offer robust threat detection and real-time protection through AI-driven analytics.

Get the Cortex XDR by Palo Alto Networks Buyer's Guide and find out what your peers are saying about Cortex XDR by Palo Alto Networks, CrowdStrike Falcon, Wazuh and more!
Cortex XDR by Palo Alto Networks is the #2 ranked solution in top Ransomware Protection solutions, #3 ranked solution in top AI-Powered Cybersecurity Platforms solutions, #5 ranked solution in endpoint security software, #7 ranked solution in XDR Security products, and #9 ranked solution in EDR tools. PeerSpot users give Cortex XDR by Palo Alto Networks an average rating of 8.4 out of 10. Cortex XDR by Palo Alto Networks is most commonly compared to CrowdStrike Falcon: Cortex XDR by Palo Alto Networks vs CrowdStrike Falcon. Cortex XDR by Palo Alto Networks is popular among the large enterprise segment, accounting for 53% of users researching this solution on PeerSpot. The top industry researching this solution are professionals from a computer software company, accounting for 13% of all views.
Buyer's Guide
Cortex XDR by Palo Alto Networks
November 2025
Get the report
Helped 873,347 peers since 2012

Featured Cortex XDR by Palo Alto Networks reviews

Read more reviews

Cortex XDR by Palo Alto Networks mindshare

Product category:
Extended Detection and Response (XDR)
As of November 2025, the mindshare of Cortex XDR by Palo Alto Networks in the Extended Detection and Response (XDR) category stands at 5.2%, down from 5.9% compared to the previous year, according to calculations based on PeerSpot user engagement data.
Extended Detection and Response (XDR) Market Share Distribution
ProductMarket Share (%)
Cortex XDR by Palo Alto Networks5.2%
CrowdStrike Falcon11.8%
Wazuh9.6%
Other73.4%
Extended Detection and Response (XDR)

PeerResearch reports based on Cortex XDR by Palo Alto Networks reviews

TypeTitleDate
CategoryExtended Detection and Response (XDR)Nov 12, 2025Download
ProductReviews, tips, and advice from real usersNov 12, 2025Download
ComparisonCortex XDR by Palo Alto Networks vs CrowdStrike FalconNov 12, 2025Download
ComparisonCortex XDR by Palo Alto Networks vs Microsoft Defender XDRNov 12, 2025Download
ComparisonCortex XDR by Palo Alto Networks vs Trend Vision OneNov 12, 2025Download
Suggested products
TitleRatingMindshareRecommending
CrowdStrike Falcon4.311.8%97%135 interviewsAdd to research
Wazuh3.79.6%80%49 interviewsAdd to research
 
 
Key learnings from peers

Valuable Features

Cortex XDR by Palo Alto Networks offers high-performance analytics, seamless integration, user-friendly interface, and automated event correlation. It excels in behavior-based detection, providing strong endpoint and network security. Features like WildFire and machine learning enhance threat detection, while centralized management allows for easy incident investigation. It supports policy management, USB control, and integrates with firewalls. Users appreciate its non-intrusive design, resource efficiency, and robust AI-driven security capabilities.
  • "The best feature of Cortex XDR by Palo Alto Networks is that it collects logs from different sections such as the endpoint, the network, and the cloud, making it easy to investigate alerts, collect some of the investigation packages related to the infected machines, and provide live response."
  • "After installing this solution, it identified, blocked, and provided the complete attack chain, which was very helpful."
  • "Cortex XDR by Palo Alto Networks's ability to block sophisticated threats in real time is quite good and is on par with SentinelOne's."

Room for Improvement

Cortex XDR by Palo Alto Networks could enhance network detection response and provide an on-premises version. Improved reporting and customizable dashboards are needed. Endpoint performance and the user interface require upgrades. Integration with third-party solutions, URL filtering on endpoints, and better detection for internal threats are needed. Automation and pricing should be improved. False positives and training for users are areas to address, with enhanced support for various operating systems and expanded features such as data loss prevention.
  • "Cortex XDR by Palo Alto Networks is a very good product, but financially, it is very expensive, so the company should look into that area."
  • "If you compare it to SentinelOne, which has more functionalities and detection capabilities on an open platform, the pricing on SentinelOne is far more reasonable and cheaper than Cortex XDR by Palo Alto Networks."
  • "To jump from the partner to Palo Alto directly was challenging."

ROI

Organizations implementing Cortex XDR by Palo Alto Networks experienced significant benefits. They reported increased security with no malware infections post-deployment and confidence in preventing ransomware. Cortex XDR blocked harmful files, reduced false positives, and minimized breach incidents, leading to savings on operational expenses. It boosted user satisfaction, supported compliance efforts, and offered robust threat identification with telemetry data. Many valued its ability to replace multiple security solutions, thereby lowering administrative efforts.

Pricing

Enterprise users report that Cortex XDR by Palo Alto Networks is perceived as expensive, with costs varying from $20 to $90 per endpoint annually. Some find it cost-effective compared to competitors, though others highlight higher setup costs and price disparity with solutions like SentinelOne and Sophos. Dynamic and flexible licensing models are appreciated, allowing easy adjustments and upgrades. Despite being costly, many users believe its robust features justify the price for comprehensive protection.
  • "The tool's price is moderate."
  • "Compared to CrowdStrike, Cortex XDR is an expensive solution."
  • "The cost depends on your chosen license type, like Pro or other licenses."

Popular Use Cases

Organizations primarily utilize Cortex XDR by Palo Alto Networks for endpoint protection, including detection and response against exploits, malware, and advanced threats. It integrates with firewalls, provides behavioral analysis, monitors user activity, and enhances visibility across endpoints and networks. It is favored for anti-malware capabilities, policy management, and regulating applications. The platform's adaptability is demonstrated through widespread implementation in diverse sectors, such as finance, education, and information technology, ensuring robust protection against cyber threats.

Service and Support

Cortex XDR by Palo Alto Networks has received mixed feedback regarding customer support. Many users commend the prompt and knowledgeable assistance, rating it highly. However, some have noted issues with response times and language barriers, particularly when first-level support involves third-party vendors. For complex problems, users appreciate the expertise when reaching higher-tier support. Overall customer satisfaction appears to depend on the regional availability of skilled staff and direct access to Palo Alto's team.

Deployment

Many users find the initial setup of Cortex XDR by Palo Alto Networks straightforward and easy, especially with experience or knowledge of the infrastructure. The deployment time depends on various factors, including infrastructure complexity and environment size, ranging from a few hours to several weeks. Users appreciate the cloud-based deployment for its ease of use, though some observe challenges in complex configurations or initial learning curves. The automatic updates simplify ongoing management tasks.

Scalability

Cortex XDR by Palo Alto Networks is described as highly scalable due to its cloud-based architecture, facilitating easy deployment across large numbers of endpoints. Organizations appreciate its ability to scale from a small to large user base without requiring significant infrastructure changes. Many users have successfully deployed it across thousands of devices, praising its seamless integration with existing systems. They find it efficient for diverse enterprises across various sectors.

Stability

Cortex XDR by Palo Alto Networks is highly stable, with users praising its reliability across various platforms. It generally experiences no crashes, bugs, or glitches. While early versions had some issues, stability has improved significantly in later releases. Occasional bugs are resolved promptly. Users rate its stability highly, noting dependable and consistent performance. Challenges include complex upgrades and false alerts, but these do not overshadow its overall stable operation and high performance.
These insights are based on the in-depth reviews provided by peers to help you make a better buying decision.
Download our Cortex XDR by Palo Alto Networks Buyer's Guide for additional reliable information.

Review data by company size

By reviewers
Company SizeCount
Small Business40
Midsize Enterprise18
Large Enterprise33
By reviewers
By visitors reading reviews
Company SizeCount
Small Business746
Midsize Enterprise410
Large Enterprise1297
By visitors reading reviews

Top industries

By visitors reading reviews
Computer Software Company
13%
Financial Services Firm
9%
Manufacturing Company
8%
Government
6%
Comms Service Provider
6%
University
5%
Healthcare Company
4%
Retailer
4%
Educational Organization
4%
Energy/Utilities Company
3%
Outsourcing Company
3%
Construction Company
3%
Media Company
3%
Real Estate/Law Firm
3%
Performing Arts
3%
Insurance Company
3%
Wholesaler/Distributor
2%
Non Profit
2%
Hospitality Company
2%
Transportation Company
2%
Recreational Facilities/Services Company
2%
Legal Firm
1%
Pharma/Biotech Company
1%
Recruiting/Hr Firm
1%
Logistics Company
1%
Consumer Goods Company
1%

Compare Cortex XDR by Palo Alto Networks with alternative products

Go!

Learn more about Cortex XDR by Palo Alto Networks

Cortex XDR by Palo Alto Networks offers advanced endpoint protection and threat detection through AI and behavior-based analytics. Its user-friendly design simplifies integration with firewalls, delivering multi-layered protection with low resource consumption. Valued for policy management, USB control, and incident correlation, Cortex XDR enhances threat management and real-time threat hunting capabilities. However, users note challenges with third-party integration, reporting, and dashboard automation. Agent performance across operating systems and memory consumption are areas for improvement, alongside reducing false positives and simplifying endpoint management and setup.

What features does Cortex XDR offer?

  • Behavior-Based Detection: Analyzes user behavior to identify suspicious activities.
  • AI Analytics: Utilizes AI for accurate threat detection and response.
  • Real-Time Protection: Provides immediate defense against threats.
  • Policy Management: Allows customization of security policies across endpoints.
  • USB Control: Regulates USB device access for added security.
  • Incident Correlation: Connects and analyzes various security events for better response.
  • Firewall Integration: Seamlessly works with firewalls for enhanced security.
  • Machine Learning Capabilities: Continuously improves threat detection precision.

What benefits should be considered in reviews?

  • Low Resource Consumption: Efficient security functions without taxing system resources.
  • Multi-Layered Protection: Comprehensive security across multiple attack vectors.
  • User-Friendly Interface: Intuitive design for easier management.
  • Enhanced Threat Management: Identifies and mitigates threats effectively.
  • Real-Time Threat Hunting: Proactively searches for and mitigates potential threats.

Cortex XDR is crucial in industries requiring robust endpoint protection, such as finance, healthcare, and technology. It supports malware detection, behavioral analysis, and ransomware mitigation across endpoints, including remote work environments, providing comprehensive threat visibility and security policy management. The solution's integration with firewalls and specialized industry requirements enhances security posture in diverse operational settings.

Cortex XDR by Palo Alto Networks was previously known as Cyvera, Cortex XDR, Palo Alto Networks Traps.

Cortex XDR by Palo Alto Networks customers

CBI Health Group, University Honda, VakifBank

Related questions

  • 144
Which SIEM is best fit with Palo Alto Cortex XDR?
  • 72
Which product would you choose: Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks?
  • 86
Cortex XDR by Palo Alto vs. Sentinel One
  • 45
FortiXDR vs Cortex Pro - which is the best?
  • 100
Comparing CrowdStrike Falcon to Cortex XDR (Palo Alto)
  • 82
How is Cortex XDR compared with Microsoft Defender?
  • 12
Which is better - Cortex XDR or Symantec End-User Endpoint Security?
  • 8
How would you compare BlackBerry Protect vs Cortex XDR by Palo Alto Networks?
  • 55
What is the best EDR or XDR product for a company with 9000 employees?
  • 19
When evaluating Extended Detection and Response (XDR), what aspect do you think is the most important to look for?

Product Categories

Product Categories
Extended Detection and Response (XDR)
Endpoint Protection Platform (EPP)
Endpoint Detection and Response (EDR)
Ransomware Protection
AI-Powered Cybersecurity Platforms

Popular Comparisons

Popular Comparisons
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks Logo
CrowdStrike Falcon vs Cortex XDR by Palo Alto Networks
Wazuh vs Cortex XDR by Palo Alto Networks Logo
Wazuh vs Cortex XDR by Palo Alto Networks
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender for Endpoint vs Cortex XDR by Palo Alto Networks
Fortinet FortiEDR vs Cortex XDR by Palo Alto Networks Logo
Fortinet FortiEDR vs Cortex XDR by Palo Alto Networks
Microsoft Sentinel vs Cortex XDR by Palo Alto Networks Logo
Microsoft Sentinel vs Cortex XDR by Palo Alto Networks
Darktrace vs Cortex XDR by Palo Alto Networks Logo
Darktrace vs Cortex XDR by Palo Alto Networks
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks Logo
SentinelOne Singularity Complete vs Cortex XDR by Palo Alto Networks
IBM Security QRadar vs Cortex XDR by Palo Alto Networks Logo
IBM Security QRadar vs Cortex XDR by Palo Alto Networks
HP Wolf Security vs Cortex XDR by Palo Alto Networks Logo
HP Wolf Security vs Cortex XDR by Palo Alto Networks
Microsoft Defender XDR vs Cortex XDR by Palo Alto Networks Logo
Microsoft Defender XDR vs Cortex XDR by Palo Alto Networks
Elastic Security vs Cortex XDR by Palo Alto Networks Logo
Elastic Security vs Cortex XDR by Palo Alto Networks
Fortinet FortiClient vs Cortex XDR by Palo Alto Networks Logo
Fortinet FortiClient vs Cortex XDR by Palo Alto Networks
Tanium vs Cortex XDR by Palo Alto Networks Logo
Tanium vs Cortex XDR by Palo Alto Networks
WatchGuard Firebox vs Cortex XDR by Palo Alto Networks Logo
WatchGuard Firebox vs Cortex XDR by Palo Alto Networks
Varonis Platform vs Cortex XDR by Palo Alto Networks Logo
Varonis Platform vs Cortex XDR by Palo Alto Networks
See all alternatives
 
Cortex XDR by Palo Alto Networks Reviews Summary
Author infoRatingReview Summary
Cyber Security Manager at Welab bank4.5As a cybersecurity manager with experience in Cortex XDR by Palo Alto Networks, I value its advanced threat detection and user-friendly GUI. While it offers a good ROI, improvements in sales support and expanded AI features would enhance its effectiveness.
IT COMMUNICATIONS AND NETWORKS at Américas BPS5.0I found Cortex XDR by Palo Alto Networks effective, easy to set up, and non-intrusive. It reliably detected threats, automation via playbooks worked well, and support was solid, though reaching Palo Alto directly was sometimes challenging.
Cyber Security Information Security Specialist at MHM Holding GmbH4.5I've found Cortex XDR effective for advanced threat detection, especially its behavioral engine and logging. It's stable, easy to deploy, integrates well, and offers good ROI, though the NTA pricing could be improved.
Pre-Sales Architect at network techlab4.5I work with Cortex XDR by Palo Alto Networks for its next-gen antivirus and threat prevention. It offers valuable automation and analytics but needs improvements like data loss prevention and multi-tenancy features. Its compliance capabilities enhance cost-saving returns.
Head of data centers at a non-profit with 10,001+ employees4.0I've used Cortex XDR for over a year to detect and block threats effectively in real-time, appreciating its AI-driven analysis and smooth integration, though it's expensive; support is excellent, and it greatly improved security over our previous solution.
Consultant at a tech services company with 1,001-5,000 employees4.0I find Cortex XDR stable, easy to implement, and less intrusive than SentinelOne, though it lacks detailed detection and open integrations. It's pricier, but reliable; I rated it an eight for its simplicity and non-disruptive performance.
Detection and Response Consultant at Inovasys4.5I've found Cortex XDR by Palo Alto Networks effective in detecting and mitigating advanced threats with strong real-time capabilities, easy investigation tools, minimal analyst workload, and cost efficiency, though I’ve noted no current weaknesses in the product.
Senior Security Consultant at helpag5.0Our company uses Cortex XDR for endpoint protection and compliance, integrating with Palo Alto's firewall for enhanced visibility. It's effective but needs mandatory network integration and an on-premises option for full XDR benefits and broader vendor compatibility.