Cortex XDR by Palo Alto Networks Reviews

We're primarily a Palo Alto shop, and we integrate solutions in the Palo Alto ecosystem. But for firewalls and threat hunting, it's all through Cortex XDR. We also compliment the Cortex XDR product with other endpoint protection solutions, like Windows Defender, or whatever the customer is using,

Stability is a primary factor, and then there's the ease of distribution and policy management. Cortex XDR by Palo Alto Networks is very easy to work with, and we're quite happy with them.

It would be good to have a better way to search for a file within the UI. Like in SentinelOne, you can search for an arbitrary file, and in Cortex XDR, you can't. You can do it with an addendum license, but I think we could all benefit from getting it with the standard license. Because if you want to do threat hunting with this product, you have to search for files now and not wait to get a license.

I've been using Cortex XDR by Palo Alto Networks for about two years.

Cortex XDR by Palo Alto Networks is a stable solution.

We used to talk to Palo Alto support extensively, and we always had a pleasant experience and never had a problem with them.

Cortex XDR is quite easy to install. The time it takes to deploy depends on the infrastructure. We have had cases that lasted a few days and other cases where it took two to four months for a proof of concept.

Every customer has to pay for a license because it doesn't work with what you get from a managed services provider. It's quite expensive, and they can't sell it for less than 200 euros a license. It's the lowest license price we can get from them.

I would recommend Cortex XDR by Palo Alto Networks to potential users.

On a scale from one to ten, I would give Cortex XDR by Palo Alto Networks a nine.

We had firewalls set up and it integrated but didn't meet with our regulations.

We were using this solution for endpoint protection.

It's a perfect solution. 

It integrates well into the environment.

I would like to see them include NDR (Network Detection Response). Then it would work well with SIEM Response. Also, if they could make an on-premises version we would definitely go with Cortes. At this time, they are not offering an on-premises solution.

We had it in our environment for two days.

It's a stable solution.

Cortex XDR by Palo Alto Networks is scalable.

The technical support was good.

We evaluated Fideles and are currently using it, as it meets the regulations and is on-premises.

We had to move away from working with Cortex XDR by Palo Alto Networks due to the regulations. They state that the logs have to be kept in Saudi Arabia. Also, the log is in the cloud, which is against the regulations. 

We chose Fidelis. They meet the regulations and they are on-premises.

We had no issues with Cortex. We were satisfied but it didn't meet with the regional regulations.

I would rate Cortex XDR by Palo Alto Networks an eight out of ten.

We mainly use it for endpoint protection, exploit prevention, and malware prevention. 

It can automatically correlate events and logs, which is very helpful for an IT administrator. It can correlate different kinds of malware activities over a network, agent, or host system. You do not need to do it manually. It is a good feature. 

It is also a user-friendly solution. We have deployed it on the cloud because our space does not provide any flexibility for on-premises deployment, but Palo Alto has added some flexibility to install it on-premises. It must be like the same Cortex XDR agent for all the VPN services, web filtering services, and everything else.

It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc.
this is good as an endpoint protection to prevent malware, exploits, zero days, ransomware, botnet etc. For features like Host DLP or encryption or patch management, or any such features which are available in basic anti-virus, you cannot expect it in Palo Alto Network's Cortex XDR solution. rest, all features work as expected, without any lagg or slowness observed in the system.

I have been using this solution for a year or something like that. We have been using it from the day they launched or released version 4.0. Currently, they are on version 7.

It is stable. I have never faced any kind of issues or never heard from any of my colleagues that they have faced any kind of issue.

There is no problem with scalability. Currently, we have around 150 users. In our company, it is compulsory to install this agent on all systems. If we want to scale it, we just need to install an agent. There is no upgrading the server or the hardware because it is a SaaS service provided by Palo Alto Networks.

We directly raise issues with Palo Alto Networks, and they support us. I've never directly created a support query because our IT team looks into support queries, but I think it's pretty easy. You'll never face any kind of issues or challenges in raising support queries.

It was straightforward. In earlier versions, such as version 4.0, it was a bit difficult to install the server and then upgrade the agents and servers. These processes were difficult. There are no complications now.

It took us more than a week to deploy because we were implementing it on the systems of various users who were working from home.

We are a partner of Palo Alto Networks, so we have deployed it directly.

We evaluated multiple products. We have evaluated Trend Micro, McAfee, Broadcom Symantec, Sophos, and many other products. Each product is good in its own field. We chose Cortex because we already had a Palo Alto Networks firewall. It got integrated easily, and the co-relation part and the co-relation engine worked very well.

If you are looking for security, mainly for advanced threat prevention from ransomware and malware attacks, I would recommend Cortex. Even if you want to integrate your firewall, I would recommend Cortex, but if you are looking for a single product with multiple options or features, such as DLP, encryption, rollback, and other features, I would not recommend Cortex.

I would rate Cortex XDR a nine out of ten.

We are a solution provider and one of the Palo Alto products that we implement for our clients is Cortex XDR (Extended Detection and Response).

It is also known as Traps, and it is mostly used for endpoint protection. For example, when remote users want to connect to their organization using a VPN, they will be protected.

The protection offered by this product is good, as is the endpoint reporting.

Once installed, this product is easy to manage, whether it is on-premises or the cloud-based management system.

There are a lot of logs generated and an engineer has to go through all of the events to find out exactly what the bottleneck is. We do need to collect the events but this can be time-consuming. Being able to filter the events to see those that are related to the actual alert would save time spent by the engineer.

A better pricing plan would make this product more competitive.

We have been dealing with Palo Alto, including Cortex XDR for more than three years.

This is a stable product and it is good, but we will keep evaluating other products as we continue to offer this type of solution to our customers.

Cortex XDR is a scalable solution.

The technical support team is good, and we can reach them quickly and easily. However, finding a resolution might take time.

We have used Cylance in the past, although we stopped using it about three years ago.

We are currently using K7 Endpoint Protection. Unfortunately, it is not catching anything, whether it is malware or a virus.

When we first implemented this product, it was called Traps. However, I don't see any difference, other than the name. For new customers, it might be a bit difficult to install and set up. It takes perhaps eight hours to install.

I deployed this product, and I was also involved with the initial POC.

Only one admin is needed for deployment and a second person should be available to work with the users.

This is an expensive solution.

We are currently trying to evaluate ELK.

Overall, this is a good product and I can recommend it to others.

I would rate this solution an eight out of ten.

We are using it for a banking client.

Its interface and pricing are most valuable. It is better than other vendors in terms of security.

It is not very strong in terms of endpoint management. It should have additional features like DLP, encryption, or advanced device control. Currently, Cortex is good in terms of the security of the endpoints, but it is not as good as other vendors in terms of the management of the endpoint.

I have been using this solution for two years.

It is very stable. I wouldn't recommend the latest version. Being a new version, it would have bugs, which is similar to the new versions of other products.

In Peru, we have approximately 20,000 users. The banking client doesn't have any plans to expand the usage. We might increase its usage by 200 to 500 with new clients.

Technical support of Palo Alto is the best.

It is very easy to deploy. The deployment is quick. The deployment of the management console takes just two hours, but the deployment of the agent takes approximately a month.

We have five to eight engineers for deployment and maintenance.

I would rate Cortex XDR a nine out of 10.

We have deployed Cortex XDR for a couple of clients in manufacturing.

Cortex XDR lets us manage several clients from the same console, and its endpoint defense is more advanced than traditional antivirus.

The dashboard could be more user-friendly.

I've been using Cortex XDR for two years.

Cortex XDR is stable enough.

Cortex's scalability is good. We have about 200 users on it at the moment. 

Palo Alto support is great. 

Cortex XDR is trickier to configure than other Palo Alto products. This is one area where we are not so satisfied. We need two people to deploy and maintain the solution. 

Our clients pay for the license every year. It's just a standard fee with no additional costs. 

I rate Cortex XDR eight out of 10. 

We deploy this solution in Universities and banks because it's private. Our company is a private company.

They did what they said. This solution could apply to any scenario.

The configuration could be simplified.

I would like to see better protection, specifically to protect email applications.

This solution is stable.

It's easy to deploy

You need the experience to configure the equipment, but the configuration is easy to deploy.

The price could be improved. Our customers have expressed that the price is high. When compared with other services, it's more expensive, but it's not too high.

I would rate this solution a ten out of ten.

The integration with other products, the firewall, and the IPS are good features.

The solution needs better reports. I think they should let the customer go in and customize the reports. 

It could also use better graphics and more information.

The stability of the solution is very good. We have about 100 users on it right now, and we use it twice a week.

Technical support has been very good.

I recommend using this solution and I would rate the solution an eight out of 10.