We are still in the testing stages so there is not currently any primary use case beyond the base use of endpoint protection.
This is a recommended solution for total end-to-end protection
Pros and Cons
- "Being a cloud solution it is very flexible in serving internal and external connections and a broad range of devices."
- "The connection to the internet has not performed as expected."
What is our primary use case?
What is most valuable?
Cortex has several good features that I am interested in. There is a nice Sandbox function that is very strong, there is the Traps (endpoint protection) solution, the real-time filtering of suspect linkages is good, and the automatic blocking of suspect behavior is always active and protecting the network.
What needs improvement?
As an improvement, I would like to see enhanced connection speeds. On China's side, we need to set up a local server for the definition updates, and the performance has not been very good for the company when directly connected to the internet. We are a little disappointed with that.
For how long have I used the solution?
We have been using Cortex XDR (Extended Detection and Response) for around two months.
Buyer's Guide
Cortex XDR by Palo Alto Networks
June 2025

Learn what your peers think about Cortex XDR by Palo Alto Networks. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
856,873 professionals have used our research since 2012.
What do I think about the stability of the solution?
It is stable. From the moment we installed it, it has been up with no restarts or maintenance until now.
What do I think about the scalability of the solution?
I think that this product is scalable. The testing environment we use right now has around 200 users. In the future, when we deploy it to the company we will move up to around 4,000 users.
How are customer service and support?
The technical support is okay. They have already helped us to fix the installation and then we had an issue and they were available for correction of the problem. They also have made some useful suggestions. So the support team is okay in my estimation.
Which solution did I use previously and why did I switch?
We have been exploring a similar solution. Right now I am also doing testing on Sentinel at the center. This is a similar solution. But we have only just begun testing Sentinel, so we do not really have enough experience with it to comment on the product.
How was the initial setup?
As we just started with Cortex and we are using a cloud solution, I do not have the impression that it was difficult to install and begin using.
What's my experience with pricing, setup cost, and licensing?
The setup costs are a bit higher than some other solutions. Overall it is a little bit expensive, I think. If we could get it for around a 10% discount then that would be a better price point for us.
For our pricing plan, we are not on a subscription, so we do not have to pay every month. We have a yearly license for the product.
The approximate amount we pay per license is around $80 per user per year.
What other advice do I have?
My suggestion for people considering this product is that Cortex is a very good total solution on the endpoints. Because I needed Cortex to work for external and internal users and devices, it helps that it is cloud-based because it is good for working in the office or other locations. So we wanted to have the total end-to-end protection including on the mobile devices, that is what we got. This product will be a good suggestion for people who need the same capability.
On a scale from one to ten where one is the worst and ten is the best, I would rate Cortex XDR as around nine-out-of-ten. The cost is the reason it would not be higher. Nine is good but this is a very good product except for the cost.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.

Cyber Security Engineer at ACPL
Performs stitching between a number of security domains
Pros and Cons
- "We can use Cortex XDR to get the entire graph of the incidents from source to destination, and we can take remedial action."
- "Cortex XDR should have a lightweight agent, and the agent size should not be heavy."
What is our primary use case?
Cortex XDR does the stitching between a number of security domains, like email security, API security, and web security. The solution does the stitching from different sources and makes a logical incident.
What is most valuable?
We can use Cortex XDR to get the entire graph of the incidents from source to destination, and we can take remedial action. We don't need to navigate different solutions and tools or use our human intelligence to correlate all the information to make the logic. Cortex XDR entirely does it, and we can take action.
What needs improvement?
Cortex XDR should have a lightweight agent, and the agent size should not be heavy. Cortex XDR’s technical support should also be improved.
Cortex XDR should provide a feature to remove or uninstall an agent directly from the console itself without the help of an IT engineer. No one wants to do a manual installation of the agent. Everyone is looking for a solution to remove the agent from the console directly.
For how long have I used the solution?
I have been working with Cortex XDR by Palo Alto Networks for two years.
What do I think about the stability of the solution?
I rate Cortex XDR a ten out of ten for stability.
What do I think about the scalability of the solution?
I rate Cortex XDR a five out of ten for scalability.
How are customer service and support?
The technical support of Cortex XDR and other OEM products is not very good. Cortex XDR's technical support does not usually respond quickly.
How would you rate customer service and support?
Neutral
How was the initial setup?
I rate Cortex XDR’s initial setup an eight out of ten.
What's my experience with pricing, setup cost, and licensing?
Cortex XDR’s pricing is very reasonable. I rate Cortex XDR a five out of ten for pricing.
What other advice do I have?
I am using the latest version of Cortex XDR by Palo Alto Networks. Cortex XDR is usually deployed in our clients’ organization on cloud. The time it takes to deploy Cortex XDR depends totally upon the organization.
The biggest drawback of Cortex XDR is that it has a heavyweight agent. Cortex XDR would be a good product if this issue could be resolved.
Overall, I rate Cortex XDR an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Integrator
Servicio Posventa at a security firm with 11-50 employees
Pinpoints evasive threats with patented behavioral analytics and has a useful policy extension feature
Pros and Cons
- "One of the things that I enjoy the most is using policy extensions. It's like having host firewalls to control USB connections. I think it's a wonderful tool to restrict use when connecting to our computers. Another important tool is Home Insights. That is an add-on to the Cortex solution. I like that because we can see all the vulnerabilities in the environment and control what assets are connected to our network."
- "I don't like that they have different types of licenses. For example, if users select a license, they think they will have all the platforms they need to improve their network or security. But after some time, Palo Alto Networks changed their licensing, and some of the features that, for example, were free at the beginning now have a cost. I think the integration can be improved. For example, a lot of tools are just integrated through APIs."
What is our primary use case?
Our clients want to correlate information they have in their network. Many engineers or companies have different tools like CMs, firewalls, VPNs, and some other things related to networks. They mentioned that after they acquired the Cortex XDR solution they have all of the information in one place. That is important because they improved the time to solve security issues.
What is most valuable?
One of the things that I enjoy the most is using policy extensions. It's like having host firewalls to control USB connections. I think it's a wonderful tool to restrict use when connecting to our computers.
Another important tool is Home Insights. That is an add-on to the Cortex solution. I like that because we can see all the vulnerabilities in the environment and control what assets are connected to our network.
What needs improvement?
I don't like that they have different types of licenses. For example, if users select a license, they think they will have all the platforms they need to improve their network or security. But after some time, Palo Alto Networks changed their licensing, and some of the features that, for example, were free at the beginning now have a cost. I think the integration can be improved. For example, a lot of tools are just integrated through APIs.
For how long have I used the solution?
I have worked with Cortex XDR by Palo Alto Networks for about four years.
What do I think about the stability of the solution?
Cortex XDR by Palo Alto Networks is a stable solution. I have been working with it for years, and it only went down once.
On a scale from one to ten, I would give stability a nine.
What do I think about the scalability of the solution?
Cortex XDR by Palo Alto Networks is a scalable solution.
How are customer service and support?
Technical support is okay.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is straightforward and not very complicated. I think it takes about two hours to deploy this solution. The number of personnel needed depends on the company. For example, banks usually have five cybersecurity engineers installing and maintaining this solution.
On a scale from one to ten, I would give the initial setup a seven.
What's my experience with pricing, setup cost, and licensing?
I don't like that they have different types of licenses.
On a scale from one to nine, I would give licensing costs a seven.
What other advice do I have?
I consider Cortex XDR by Palo Alto Networks a good solution. They have good support, and they listen to customer feedback.
On a scale from one to nine, I would give Cortex XDR by Palo Alto Networks a nine.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Cloud Specialist at Eazzy Solutions
Scalable and high availability
Pros and Cons
- "Cortex XDR by Palo Alto Networks should be a stable solution."
- "Cortex XDR by Palo Alto Networks can improve mobile integration to allow access to the console."
What is our primary use case?
Cortex XDR by Palo Alto Networks is a network management solution.
What needs improvement?
Cortex XDR by Palo Alto Networks can improve mobile integration to allow access to the console.
For how long have I used the solution?
I have sold Cortex XDR by Palo Alto Networks within the last 12 months.
What do I think about the stability of the solution?
Cortex XDR by Palo Alto Networks should be a stable solution.
What do I think about the scalability of the solution?
The scalability of Cortex XDR by Palo Alto Networks is very good.
What's my experience with pricing, setup cost, and licensing?
The cost of Cortex XDR by Palo Alto Networks is $55 to $90 USD per endpoint per month.
What other advice do I have?
I would recommend this solution to others.
I rate Cortex XDR by Palo Alto Networks an eight out of ten.
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
Presales Manager at a tech services company with 51-200 employees
Easy to set up with great policy configuration and is an excellent addition to the Palo Alto ecosystem
Pros and Cons
- "It has pretty much everything we need and works well within the Palo Alto ecosystem."
- "The GUI could be improved."
What is our primary use case?
The main use case was the integration with their Palo Alto firewall and Panorama. Apart from that, they also had integration with the FIM solution that they had. Overall, having it at the endpoint and having network integration for the overall threat scenario has been where we use it.
What is most valuable?
The policy configuration is great. The granularity of policies that are available is very helpful.
It is straightforward to set up.
It has pretty much everything we need and works well within the Palo Alto ecosystem.
What needs improvement?
The GUI could be improved. It's a little bit cumbersome. It could be more user-friendly.
For how long have I used the solution?
I've been using the solution for around two years.
What do I think about the stability of the solution?
The solution is quite stable. The only hiccup we had experienced was related to some false alerts where there was no detection, yet still the product showed that it detected something. There were a few false positives. Apart from that, it is quite stable.
What do I think about the scalability of the solution?
For cloud purposes, scaling is not an issue. Even with the on-premises deployments, we have not faced any scaling issues.
How are customer service and support?
Technical support is great. We haven't had any problems with them.
How would you rate customer service and support?
Positive
How was the initial setup?
The solution is very simple and very straightforward to set up. It's not overly difficult or complex.
I'd rate it four out of five in terms of ease of setup.
What's my experience with pricing, setup cost, and licensing?
I do not deal with licensing costs. That is taken care of by our sales team.
What other advice do I have?
We do hybrid deployments. For some customers, it was on the cloud and for some, it was on-prem.
It's a good solution to go with. If you are dealing with the ecosystem of Palo Alto, like Palo Alto firewall, Palo Alto Prisma Access, and Palo Alto XDR, if you have a Palo Alto ecosystem, it's a must to have Cortex XDR. Individually, it also works well. However, having Palo Alto everywhere will be a better scenario or a better fit if you want to deploy Cortex.
I'd rate the solution eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
IT Security Administrator at a tech services company with 1-10 employees
Provides more visibility than expected and lets us know if anything unusual happens on our network
Pros and Cons
- "Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful."
- "They've been having some issues with updating their endpoint agents, and it has been quite frustrating."
What is our primary use case?
We have Cortex XDR on our endpoints, and we have managed threat hunting. We are using it for everything related to security. If we have a device we believe is compromised, we can do a scan of the device to check for malware. We look for indicators of compromise in our network. We also look for behavioral things, such as if people are, for some reason, sending a bunch of information out. We also monitor USB file copies to make sure sensitive data isn't leaving our systems. It is also for any kind of denial of service attack.
We are using its latest version. It is deployed on-prem. We have agent software on all our endpoints, and then we have on-prem devices managed through Panorama.
How has it helped my organization?
It has quite a bit of functionality. So, if anything weird happens on our network, Cortex normally lets us know.
What is most valuable?
Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful.
What needs improvement?
They've been having some issues with updating their endpoint agents, and it has been quite frustrating.
For how long have I used the solution?
I have been using this solution for about a year.
What do I think about the stability of the solution?
It's incredibly stable. It's Palo Alto; it's top of the line.
What do I think about the scalability of the solution?
It's enterprise-grade. They cover everybody from the federal government to large corporations. We're probably a pretty small network for them. We have about 2,000 endpoints.
How are customer service and support?
I have used their support. I would rate them a four out of five.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We used to have Check Point. We switched because there were a lot of added features with Palo Alto that Check Point didn't have. It was an upgrade for us.
How was the initial setup?
It is incredibly complex. It has a lot of parts. Its implementation took six months.
What about the implementation team?
We worked with Palo Alto directly to look at our old firewalls and translate their configuration to Palo Alto.
There are three of us for deployment and maintenance.
What's my experience with pricing, setup cost, and licensing?
It's way too expensive, but security is expensive. You pay for your licensing, and then you pay for someone to monitor the stuff.
What other advice do I have?
You get out what you put in. So, the more you work with it, customize it, monitor it, and manage it, the more you'll get out of it.
I would rate it an eight out of ten. There are some bug updates that they were having issues with. Everything else has been pretty great. There is a lot more visibility than I expected.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Senior IT Specialist at a manufacturing company with 1,001-5,000 employees
Useful for monitoring, but its implementation is quite complex
Pros and Cons
- "Monitoring is most valuable."
- "In terms of areas of improvement, we have not completed our review of the product. We're also looking at other products. So, it's a little bit hard to tell what could be different because we have not completed the review of this product, but based on our experience so far, its implementation is quite complex."
What is our primary use case?
It has just been about a month.
How has it helped my organization?
It is mainly for monitoring and/or logging. We look at it to see if there are any log incidents.
We are using its latest version. It is deployed as a hybrid.
What is most valuable?
Monitoring is most valuable.
What needs improvement?
In terms of areas of improvement, we have not completed our review of the product. We're also looking at other products. So, it's a little bit hard to tell what could be different because we have not completed the review of this product, but based on our experience so far, its implementation is quite complex.
In terms of new features, we don't have any functions or features that we would like to add at the moment.
What do I think about the scalability of the solution?
It is looking promising in terms of scalability, but we have not looked into it further because we are still in the process of learning and getting some experience.
Currently, there are just two users of this solution. They are IT specialists.
How was the initial setup?
Its initial setup is quite complex. In terms of complexity, I would rate it a four and a half out of five.
What's my experience with pricing, setup cost, and licensing?
I am using the Community edition.
What other advice do I have?
My advice for people who are looking into implementing this system is that they should be aware of the complexity of the installation and the management of the system. I would preferably buy this from a partner.
We have not yet completed our review of the product. At this time, I would rate it a five out of 10.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Information Technology Consultant at Trillennium (Pvt) Ltd
Excellent technical support, straightforward implementation, and cutting-edge technology
Pros and Cons
- "When the pandemic started, Palo Alto came up with many solutions, which helped with the quick shift from on-premises to the cloud."
- "In general, the price could be more competitive."
What is our primary use case?
We are not using it for our purposes because we are a Palo Alto partner. We propose it for our customers based on their requirements.
We are both a service provider and a reseller.
When the pandemic first began, the use cases were mostly for remote users. We deployed this for the majority of remote users.
What is most valuable?
When the pandemic started, Palo Alto came up with many solutions, which helped with the quick shift from on-premises to the cloud. We have a lot of advantages as a result.
It's a very simple implementation, and I have direct Palo Alto implementation available as well. So it's very simple. We haven't found any issues. So far the implementation is going well, and I don't see any gaps.
What needs improvement?
In general, the price could be more competitive.
For how long have I used the solution?
In Palo Alto, we also work with all product lines, including Prisma and other product lines as required. It is a mix, it's a subproduct; we work with the mix of products.
We have been working with Cortex XDR by Palo Alto Networks for two to three years.
We get updates from Palo Alto directly.
What do I think about the stability of the solution?
Cortex XDR by Palo Alto Networks is a stable product.
What do I think about the scalability of the solution?
It's a scalable solution. We have not had any challenges with the scalability of Cortex XDR by Palo Alto Networks.
Our customers range from medium to large enterprise companies. The adoption rate in small businesses is much less, but the majority of our requirements come from mid- to enterprise-sized businesses.
How are customer service and support?
Technical support is the best in class, in my opinion, because they have invested heavily in research and development. In terms of comparison and today's challenges, such as security and layers, Palo Alto complies with all of the challenges.
Which solution did I use previously and why did I switch?
In terms of Security, we are working with a few products and a few brands.
We use Palo Alto and we also work with Barracuda. These solutions are used on the web firewall and for email protection.
We work with the entire Barracuda product line, but specifically for email protection and web filtering.
Barracuda Essentials is included with O365 protections, we work with those solutions.
Palo Alto is part of a different vertical layer than Barracuda. It's distinct. They are very different.
How was the initial setup?
The initial setup depends on the environment, but as a technology, I would say it's simple. It's not that difficult.
The length of time it takes for deployment is determined by the project and the surrounding environment. We can only determine the timeframe based on that, pinpointing a specific time period is difficult.
It does not require maintenance because regular updates and monitoring are required. So if there is anything, new patches and the like, it is done automatically, and there is no additional implementation unless there are any infrastructure changes.
What's my experience with pricing, setup cost, and licensing?
In comparison to other competing products, it is based on the customer's needs and the environment. However, when compared to other products, the price is slightly higher, but when considering technology and new innovation, that is the plus I would say when it comes to being XDR.
The price could be more competitive because it is not on the price wall when you go and question Palo Alto XDR. It is present, but when compared to other competitive products, I would say it is not less expensive; however, when all of the other added values are considered, the price is reasonable.
What other advice do I have?
So far, it has met all of our requirements, and it should be able to cater to a wide range of product lines.
We must first determine what their business requirements are, as well as what other technical layers we are considering, and then propose the appropriate sizing and solution.
We mostly promote Palo Alto, but it depends on the customer's needs, as well as their budget, infrastructure, and what their business requires, all of those factors come into play when recommending a solution.
When you compare it with other products, I would rate Cortex XDR by Palo Alto Networks a nine out of ten.
It's close to being rated a ten out of ten because of their level of support, and the other is the solution and the most recent technology.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller
