reviewer1445823 - PeerSpot reviewer
Director of Cloud Security at a comms service provider with 51-200 employees
Real User
Mar 21, 2021
Solid solution
Pros and Cons
  • "The dashboard is customizable."
  • "The dashboard could use some significant improvement, just making it more useful with more information. It has a limited amount of information right now. It is customizable, but I'd love to see a better out-of-box dashboard."
  • "The dashboard could use some significant improvement, just making it more useful with more information."

What needs improvement?

In terms of what could be improved in Cortex XDR, definitely the host insights module. The ability to kind of take a look at what applications are running on the endpoint is a new feature, but there is a lot of room for improvement there in terms of versioning and so forth.

Additionally, the dashboard could use some significant improvement, just making it more useful with more information. It has a limited amount of information right now. It is customizable, but I'd love to see a better out-of-box dashboard.

For how long have I used the solution?

I have been working with Cortex XDR over the last year, at least.

What other advice do I have?

On a scale of one to ten, I would give Cortex XDR by Palo Alto Networks an eight.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer1454937 - PeerSpot reviewer
Support Engineer at a tech services company with 11-50 employees
Real User
Mar 15, 2021
Stable, flexible, and easy to deploy
Pros and Cons
  • "They did what they said. This solution could apply to any scenario."
  • "They did what they said, and this solution could apply to any scenario."
  • "I would like to see better protection, specifically to protect email applications."
  • "The configuration could be simplified. I would like to see better protection, specifically to protect email applications."

What is our primary use case?

We deploy this solution in universities and banks because it's private. Our company is a private company.

What is most valuable?

They did what they said. This solution could apply to any scenario.

What needs improvement?

The configuration could be simplified.

I would like to see better protection, specifically to protect email applications.

What do I think about the stability of the solution?

This solution is stable.

How was the initial setup?

It's easy to deploy.

You need the experience to configure the equipment, but the configuration is easy to deploy.

What's my experience with pricing, setup cost, and licensing?

The price could be improved. Our customers have expressed that the price is high. When compared with other services, it's more expensive, but it's not too high.

What other advice do I have?

I would rate this solution a ten out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
Praveen Talwar - PeerSpot reviewer
Principal Design Consultant, Cloud Infrastructure; and Microsoft Virtual - Tech. Soln. Prof. (V-TSP) at a comms service provider with 5,001-10,000 employees
Consultant

Hi There, We have a customer who wants to have Cortex & Microsoft solutions on all their Windows 10 endpoints. So here is my query - Can Cortex XDR co-exist with Microsoft Defender for Endpoint on same endpoints and both operate optimally and independently of each other? Thanks in advance! Dr. Praveen Talwar (Praveen.Talwar@Spark.co.nz)

Evgeny Belenky - PeerSpot reviewer
Director of Community at a media company with 51-200 employees
Real User

Hello @Praveen Talwar, please note that you can also create a new question from your Home feed: https://www.itcentralstation.c... . This way, it will get higher visibility (it just should not include any marketing or sales content). I hope this is helpful.

PeerSpot user
Buyer's Guide
Cortex XDR by Palo Alto Networks
March 2026
Learn what your peers think about Cortex XDR by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: March 2026.
885,444 professionals have used our research since 2012.
PeerSpot user
Senior Security Consultant at a tech services company with 201-500 employees
Real User
Feb 28, 2021
Automated, with well defined policies, but privacy is a concern
Pros and Cons
  • "The most valuable feature is that you can select remote access of any machine for sandboxing."
  • "The product is mostly automated, and we do not have to make decisions, because all the decisions are made by the product itself and we are not required to create any custom policies since the policies that are created are well defined in the product itself."
  • "Data privacy is a matter of concern. You have to be careful with data privacy, it can be sensitive and Cortex can have most of your access."

What is our primary use case?

We use this solution specifically in endpoint response, endpoint detection, endpoint sandboxing, and as a firewall.

How has it helped my organization?

The product is mostly automated, and we do not have to make decisions. All the decisions are made by the product itself. 

We are not required to create any custom policies. 

The policies that are created are well defined in the product itself.

What is most valuable?

The most valuable feature is that you can select remote access of any machine for sandboxing.

Irrespective of whether you have the rights or not, you can still access it from the cloud.

What needs improvement?

I would like to see some sort of attachment scanning included.

Data privacy is a matter of concern. You have to be careful with data privacy, it can be sensitive and Cortex can have most of your access.

I want a plugin for email attachment scanning and email body scanning.

For how long have I used the solution?

I have been using this solution for two years.

We are using version seven.

What do I think about the scalability of the solution?

Scalability is not a problem with this solution.

It's a cloud setup. You can scale in and you can scale out as per the cloud.

We have close to 500 users in our company.

How are customer service and technical support?

Technical support is very good, but it can be a problem, especially in the Gulf region.

If you do not take direct support, you have to wait for 72 hours. 

Also, direct support is a little bit costly.

Which solution did I use previously and why did I switch?

We used McAfee previously. We switched because the solution is pretty automated. You don't have to manually decide on the policy.

How was the initial setup?

The initial setup is pretty straightforward.

In one hour, you can deploy the entire setup and get started.

After the setup, deployment can take up to three to four days.

We had one admin test the solution and maintain it for us.

What about the implementation team?

We did not use an integrator or vendor team. 

What's my experience with pricing, setup cost, and licensing?

The pricing is okay, although direct support can be expensive.

What other advice do I have?

It is a very straightforward product with minimal administrator interference once it is deployed.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
Roberto Pastorino - PeerSpot reviewer
Network and Cybersecurity Consultant at a tech services company with 11-50 employees
Real User
Top 10
Jan 27, 2021
A stable detection and response app with a good policy management feature
Pros and Cons
  • "Stability is a primary factor, and then there's the ease of distribution and policy management."
  • "Stability is a primary factor, and then there's the ease of distribution and policy management; Cortex XDR by Palo Alto Networks is very easy to work with, and we're quite happy with them."
  • "It would be good to have a better way to search for a file within the UI."

What is our primary use case?

We're primarily a Palo Alto shop, and we integrate solutions in the Palo Alto ecosystem. But for firewalls and threat hunting, it's all through Cortex XDR. We also complement the Cortex XDR product with other endpoint protection solutions, like Windows Defender, or whatever the customer is using.

What is most valuable?

Stability is a primary factor, and then there's the ease of distribution and policy management. Cortex XDR by Palo Alto Networks is very easy to work with, and we're quite happy with them.

What needs improvement?

It would be good to have a better way to search for a file within the UI. Like in SentinelOne, you can search for an arbitrary file, and in Cortex XDR, you can't. You can do it with an addendum license, but I think we could all benefit from getting it with the standard license. Because if you want to do threat hunting with this product, you have to search for files now and not wait to get a license.

For how long have I used the solution?

I've been using Cortex XDR by Palo Alto Networks for about two years.

What do I think about the stability of the solution?

Cortex XDR by Palo Alto Networks is a stable solution.

How are customer service and technical support?

We used to talk to Palo Alto support extensively, and we always had a pleasant experience and never had a problem with them.

How was the initial setup?

Cortex XDR is quite easy to install. The time it takes to deploy depends on the infrastructure. We have had cases that lasted a few days and other cases where it took two to four months for a proof of concept.

What's my experience with pricing, setup cost, and licensing?

Every customer has to pay for a license because it doesn't work with what you get from a managed services provider. It's quite expensive, and they can't sell it for less than 200 euros a license. It's the lowest license price we can get from them.

What other advice do I have?

I would recommend Cortex XDR by Palo Alto Networks to potential users.

On a scale from one to ten, I would give Cortex XDR by Palo Alto Networks a nine.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer. Integrator
PeerSpot user
it_user1437951 - PeerSpot reviewer
Security Engineer at a tech services company with 11-50 employees
Real User
Jan 25, 2021
A robust detection and response solution driven by behavioral analytics
Pros and Cons
  • "The behavior-based detection feature is valuable."
  • "We use Cortex XDR by Palo Alto Networks for its ability to detect based on behavior rather than a simple virus scan to prevent malicious activities."
  • "It'll help if customization was easier."

What is our primary use case?

We use Cortex XDR by Palo Alto Networks for its ability to detect based on behavior rather than a simple virus scan to prevent malicious activities. We also use it to go in and whitelist things that are okay. This way, they won't get blocked.

What is most valuable?

The behavior-based detection feature is valuable. 

What needs improvement?

It'll help if customization was easier. It would be better than how it's now if it came out of the box using their stock set up to get it up-and-running. Then you go in, and you add more restrictive things to make it better.

For how long have I used the solution?

I have been using Cortex XDR by Palo Alto Networks for a little over a year.

How are customer service and technical support?

Technical support has been fine.

How was the initial setup?

The initial setup isn't straightforward or complex. It's somewhere in the middle. Like 90% of the features are there out of the box. When you start doing more complex things, it becomes more complicated. For example, if we wanted to limit someone's ability to plug in and access a USB stick, we have to create a profile to do that, and that's an advanced functionality.

What about the implementation team?

We did most of the deployment in-house.

What other advice do I have?

On a scale from one to ten, I would give Cortex XDR by Palo Alto Networks a nine.

Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user
reviewer1460898 - PeerSpot reviewer
Lead Consultant at a tech services company with 1-10 employees
Real User
Dec 9, 2020
Helpful support that can be reached quickly and easily, and the endpoint reporting is good
Pros and Cons
  • "The protection offered by this product is good, as is the endpoint reporting."
  • "Being able to filter the events to see those that are related to the actual alert would save time spent by the engineer."
  • "A better pricing plan would make this product more competitive."

What is our primary use case?

We are a solution provider and one of the Palo Alto products that we implement for our clients is Cortex XDR (Extended Detection and Response).

It is also known as Traps, and it is mostly used for endpoint protection. For example, when remote users want to connect to their organization using a VPN, they will be protected.

What is most valuable?

The protection offered by this product is good, as is the endpoint reporting.

Once installed, this product is easy to manage, whether it is on-premises or the cloud-based management system.

What needs improvement?

There are a lot of logs generated and an engineer has to go through all of the events to find out exactly what the bottleneck is. We do need to collect the events but this can be time-consuming. Being able to filter the events to see those that are related to the actual alert would save time spent by the engineer.

A better pricing plan would make this product more competitive.

For how long have I used the solution?

We have been dealing with Palo Alto, including Cortex XDR, for more than three years.

What do I think about the stability of the solution?

This is a stable product and it is good, but we will keep evaluating other products as we continue to offer this type of solution to our customers.

What do I think about the scalability of the solution?

Cortex XDR is a scalable solution.

How are customer service and technical support?

The technical support team is good, and we can reach them quickly and easily. However, finding a resolution might take time.

Which solution did I use previously and why did I switch?

We have used Cylance in the past, although we stopped using it about three years ago.

We are currently using K7 Endpoint Protection. Unfortunately, it is not catching anything, whether it is malware or a virus.

How was the initial setup?

When we first implemented this product, it was called Traps. However, I don't see any difference, other than the name. For new customers, it might be a bit difficult to install and set up. It takes perhaps eight hours to install.

What about the implementation team?

I deployed this product, and I was also involved with the initial POC.

Only one admin is needed for deployment and a second person should be available to work with the users.

What's my experience with pricing, setup cost, and licensing?

This is an expensive solution.

Which other solutions did I evaluate?

We are currently trying to evaluate ELK.

What other advice do I have?

Overall, this is a good product and I can recommend it to others.

I would rate this solution an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
Consultant at a tech services company with 501-1,000 employees
Reseller
Nov 27, 2020
User friendly, stable, and automatically correlates events and logs
Pros and Cons
  • "It can automatically correlate events and logs, which is very helpful for an IT administrator. It can correlate different kinds of malware activities over a network, agent, or host system. You do not need to do it manually. It is a good feature. It is also a user-friendly solution. We have deployed it on the cloud because our space does not provide any flexibility for on-premises deployment, but Palo Alto has added some flexibility to install it on-premises. It must be like the same Cortex XDR agent for all the VPN services, web filtering services, and everything else."
  • "If you are looking for security, mainly for advanced threat prevention from ransomware and malware attacks, I would recommend Cortex."
  • "It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc."

What is our primary use case?

We mainly use it for endpoint protection, exploit prevention, and malware prevention. 

What is most valuable?

It can automatically correlate events and logs, which is very helpful for an IT administrator. It can correlate different kinds of malware activities over a network, agent, or host system. You do not need to do it manually. It is a good feature. 

It is also a user-friendly solution. We have deployed it on the cloud because our space does not provide any flexibility for on-premises deployment, but Palo Alto has added some flexibility to install it on-premises. It must be like the same Cortex XDR agent for all the VPN services, web filtering services, and everything else.

What needs improvement?

It is not a suitable solution if you are looking for a single product with multiple features such as DLP, encryption, rollback, etc.
This is good as an endpoint protection to prevent malware, exploits, zero days, ransomware, botnets, etc. For features like Host DLP or encryption or patch management, or any such features which are available in basic anti-virus, you cannot expect it in Palo Alto Networks' Cortex XDR solution. Apart from that, all features work as expected, without any lag or slowness observed in the system.

For how long have I used the solution?

I have been using this solution for a year or something like that. We have been using it from the day they launched or released version 4.0. Currently, they are on version 7.

What do I think about the stability of the solution?

It is stable. I have never faced any kind of issues or never heard from any of my colleagues that they have faced any kind of issue.

What do I think about the scalability of the solution?

There is no problem with scalability. Currently, we have around 150 users. In our company, it is compulsory to install this agent on all systems. If we want to scale it, we just need to install an agent. There is no upgrading the server or the hardware because it is a SaaS service provided by Palo Alto Networks.

How are customer service and technical support?

We directly raise issues with Palo Alto Networks, and they support us. I've never directly created a support query because our IT team looks into support queries, but I think it's pretty easy. You'll never face any kind of issues or challenges in raising support queries.

How was the initial setup?

It was straightforward. In earlier versions, such as version 4.0, it was a bit difficult to install the server and then upgrade the agents and servers. These processes were difficult. There are no complications now.

It took us more than a week to deploy because we were implementing it on the systems of various users who were working from home.

What about the implementation team?

We are a partner of Palo Alto Networks, so we have deployed it directly.

Which other solutions did I evaluate?

We evaluated multiple products. We have evaluated Trend Micro, McAfee, Broadcom Symantec, Sophos, and many other products. Each product is good in its own field. We chose Cortex because we already had a Palo Alto Networks firewall. It got integrated easily, and the correlation part and the correlation engine worked very well.

What other advice do I have?

If you are looking for security, mainly for advanced threat prevention from ransomware and malware attacks, I would recommend Cortex. Even if you want to integrate your firewall, I would recommend Cortex, but if you are looking for a single product with multiple options or features, such as DLP, encryption, rollback, and other features, I would not recommend Cortex.

I would rate Cortex XDR a nine out of ten.

Which deployment model are you using for this solution?

Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
PeerSpot user
reviewer1361427 - PeerSpot reviewer
IT Director at an energy/utilities company with 1,001-5,000 employees
Real User
Oct 14, 2020
Good protection, stable, it integrates well, and the support is good
Pros and Cons
  • "It integrates well into the environment."
  • "It's a perfect solution. It integrates well into the environment."
  • "I would like to see them include NDR (Network Detection Response)."
  • "I would like to see them include NDR (Network Detection Response). Then it would work well with SIEM Response."

What is our primary use case?

We had firewalls set up and it integrated but didn't meet with our regulations.

We were using this solution for endpoint protection.

What is most valuable?

It's a perfect solution. 

It integrates well into the environment.

What needs improvement?

I would like to see them include NDR (Network Detection Response). Then it would work well with SIEM Response. Also, if they could make an on-premises version we would definitely go with Cortex. At this time, they are not offering an on-premises solution.

For how long have I used the solution?

We had it in our environment for two days.

What do I think about the stability of the solution?

It's a stable solution.

What do I think about the scalability of the solution?

Cortex XDR by Palo Alto Networks is scalable.

How are customer service and technical support?

The technical support was good.

Which other solutions did I evaluate?

We evaluated Fidelis and are currently using it, as it meets the regulations and is on-premises.

What other advice do I have?

We had to move away from working with Cortex XDR by Palo Alto Networks due to the regulations. They state that the logs have to be kept in Saudi Arabia. Also, the log is in the cloud, which is against the regulations. 

We chose Fidelis. They meet the regulations and they are on-premises.

We had no issues with Cortex. We were satisfied but it didn't meet with the regional regulations.

I would rate Cortex XDR by Palo Alto Networks an eight out of ten.

Which deployment model are you using for this solution?

Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
PeerSpot user