Cortex XDR by Palo Alto Networks Valuable Features
The most valuable aspect of Cortex XDR by Palo Alto Networks for me is its integration with AI detection, where we get to know the behavioral detection based on users, traffic patterns, and different services that we consume. It's more about user and behavior analysis with upfront detection rules and automation that we can integrate with for orchestration purposes.
It's effective. We have seen multiple occasions where we were notified with the detection rule, and the SOC team engaged with us, and we took the remediation action as and when it was highlighted.
The positive impacts I see from Cortex XDR by Palo Alto Networks include a complete 360-degree view of our security posture altogether, being a uniform platform where we are ingesting logs from multiple resources. We have AI detection for different levels of user behaviors, and we integrate with the firewall engines and WAF, along with the EDRs and XDR, so that we have a complete overall security view and have gained much more confidence in it.
The best features Cortex offers in my experience include its capability for detection and investigation, along with several types of threat intelligence management. It includes machine learning to easily analyze data and detect complex threats across endpoints, networks, or clouds. In playbooks, automation handles responding actions such as isolating endpoints or enriching IOCs, along with reducing mean time to detect and mean time to respond. I have used this for my SOC operations environment, discussing it with my colleague.
Automation and playbooks have helped me significantly. If there is a threat, detecting it used to be a lengthy process. Now, with the advancement in technology, Cortex XSOAR's playbooks predefine the workflow of the automation, such as response processes, alert triggering, and enriching the context. These automations collect relevant indicators such as hashes, IP addresses, or domains efficiently and can detect and block malicious attacks with firewalls. It is very useful for eliminating the workload of human errors, speeding responses for next-generation operations. Playbooks are customizable with dynamic analysis that aligns with organizational policies.
The best features of Cortex XDR by Palo Alto Networks, which I have been using for almost a year, include the very nice operating system and user interface that is so user-friendly, making it very beginner-friendly. You can learn it in less than a week, covering almost all the queries and everything. You can understand the alert very simply. It makes investigation easier and faster, which is the main highlight.
I assess the effectiveness of the AI-driven endpoint security in Cortex XDR by Palo Alto Networks and I know that we only know the risks which are found before. We don't know the risks which are coming in the future. The AI-based detection and BIOC rule detection may help in the future for detecting new threats, which will be helpful for the company.
Cortex XDR by Palo Alto Networks helps a lot with blocking sophisticated threats in real-time because we don't have to care much about the threats which are prioritized by ourselves. If we are only getting the detection and XDR detects it, it means we have to take further action. If we set the priority to block or prevent the action, it will automatically do it. This helps to save our time and allows us to do our further investigation after that.
How much faster it has become to detect and respond to threats depends on the device and defense actions, averaging around 30 minutes.
I have experienced a reduction in alert triage since integrating Cortex XDR by Palo Alto Networks because you can configure the rules and fine-tune them according to the alerts we get. This will be very helpful to prevent false positives. It is very easy to fine-tune in XDR and will take around 15 to 20 minutes if you understand the concept. This can actually prevent the flooding of alerts and will be helpful for triaging the most prioritized alerts.
Implementing Cortex XDR by Palo Alto Networks has had a significant impact on my security analyst workload because it becomes much easier. If you are installing something like an antivirus, it cannot actually prevent us from accessing the endpoint through our computer. Cortex XDR actually helps to access the computer very easily in a short time. The tool is actually really fast and connects very quickly if you want to access the system. It detects and prevents according to the BIOC rule very well, and we get the alert as well. Then we can do the further investigation using that alert. The UI is very simple, and you can connect and check whatever you want in another device. In our company, we mostly depend on XDR.
Cortex XDR by Palo Alto Networks saves me a lot of time because when we get the alert in some other tools, we used to check the alerts using XDR. It only takes a simple time to check the endpoint and determine what activities are going on with XDR. You don't have to get the user's laptop or approach the user at all. You can actually do it from your device very easily. This actually saves a massive amount of time per day.
Updated: April 2026.
Cortex XDR by Palo Alto Networks offers simplicity and is easy to manage through the GUI.
If you want to add whitelisting to avoid any false positive scenarios with Cortex XDR by Palo Alto Networks, we can easily right-click and add the whitelist for those hash files or perform any whitelisting. It is quite simple operationally.
I can say that Cortex XDR by Palo Alto Networks is doing a very good job because we are acquiring so many clinics, and some of the clinics actually run without any XDR application. In those scenarios, we have to install Cortex XDR by Palo Alto Networks and sometimes we figure out that some malicious applications have been running on those devices. Because of that, we have been able to identify those applications and clean their devices to keep our environment safe.
In that case, I can say that Cortex XDR by Palo Alto Networks has helped me communicate security value or risk reduction to leadership and executives because most of the time we show our dashboard to our top management. Sometimes our SOC team extracts reports showing how many incidents have occurred during the past month. We have different kinds of reports and dashboards to show our management.
The threat chain, the investigation process, and device control are the most valuable features in Cortex XDR by Palo Alto Networks. Detection is very good because malware is detected before it activates in the system, making it a very good product. Cortex XDR by Palo Alto Networks is an AI product that has no signature available inside, so everything is based on AI, machine learning, and behavior analysis, which are all very good for reducing risk in the organization.
The most beneficial aspect of Cortex XDR by Palo Alto Networks was when it was first installed in the environment, where there were too many infected and compromised systems. After installing this solution, it identified, blocked, and provided the complete attack chain, which was very helpful. A previous product was not detecting anything, and after installing Cortex XDR by Palo Alto Networks, the experience has been very good.
The best feature of Cortex XDR by Palo Alto Networks is that it provides end-to-end encryption and control over the security of the end devices, and it also offers a simplified web interface to understand each and every aspect from an analyst's perspective, including details about antivirus, malware, and viruses on a simplified GUI management for all the endpoints we have deployed in the network.
Cortex XDR by Palo Alto Networks is compatible with AI-driven solutions and provides all the data fetched from the internet in a single place.
Cortex XDR by Palo Alto Networks blocks threats in real-time and provides a detailed overview, including case details and artifacts, and it provides comprehensive details in the dashboard.
From the perspective of a security analyst, Cortex XDR by Palo Alto Networks reduces the workload because it provides a detailed workflow and artifacts in a single dashboard, enabling me to easily track malicious IPs and various activity details, including AI-driven insights about these malicious sources.
The most important features of Cortex XDR by Palo Alto Networks are the tight integration with the Palo Alto environment. It is not just an EDR solution, but a full security suite with automation as the main driver, as well as the networking side.
EDR solutions are generally lacking on the networking side as they focus solely on the endpoint side. The SOAR side is another valuable feature because it is being used extensively, particularly the Triage functionality and effective triage without human intervention.
In the future with new AI technologies, there is significant potential. A POC is currently being conducted with ARIS, the Palo Alto AI offering, and it is planned to be purchased for the next year.
When using Cortex XDR by Palo Alto Networks in a tightly populated environment, all vulnerabilities, threats, and zero-days that can affect the environment become visible, along with how to mitigate them in a fast way to detect and mitigate.
The best features of Cortex XDR by Palo Alto Networks are apparent when I compare it to other tools. Palo Alto is more difficult initially, but once you start learning how to use it, particularly the query language, you realize its power. When we use MDE, it uses KQL, which is similar to SQL. However, Cortex XDR by Palo Alto Networks uses XQL, which is more difficult but allows you to get significantly more information. Once you become familiar with it, it is a more powerful tool. For example, Cortex XDR by Palo Alto Networks has an automatic tool, which is a sandbox for local analysis that is incredibly useful for malware detection. I would say that I prefer Cortex XDR by Palo Alto Networks over MDE. To sum it up, it is a stronger tool for me.
The way we detect, investigate, or respond to threats with Cortex XDR by Palo Alto Networks is basically the same as with other tools, but once we start using Cortex XDR by Palo Alto Networks, we have different tools for different clients. When we use Palo Alto, it is basically the same, but we normally get a little bit more time because if we want to make a strong investigation for one incident, we have to make queries and look at different parts of the interface. There is a part of the interface called alert debug, which is more technical. If you click on the incident in alert debug, you can see the whole information of the incident in raw JSON format. To sum it up, it will make the investigation slower, but as I said before, it is better for the investigation because you have more information.
The best feature of Cortex XDR by Palo Alto Networks is that it collects logs from different sections such as the endpoint, the network, and the cloud, making it easy to investigate alerts, collect some of the investigation packages related to the infected machines, and provide live response. This makes it a very good solution, similar to Microsoft Defender XDR.
Cortex XDR by Palo Alto Networks is very effective for the default rules in blocking sophisticated threats in real-time. However, we cannot take any action related to the block agent for the custom rules. The default rule can take any action, but the custom rule does not take any action, making it very good for handling real attacks.
Cortex XDR by Palo Alto Networks has a very good impact on preventing advanced attacks such as ransomware, which is very impactful malware for customers. It can take action by isolating a machine if any bad behavior is detected on the compromised machine, making it a very good solution for detecting attacks and protecting our customers from business continuity issues or bad reputation.
The use of Cortex XDR by Palo Alto Networks has made it easy for analysts, as it does not create any workload for them, allowing them to work faster.
The best features include the security level, which was nice. The Cortex Data Lake is nice too; it's really big. The way the cases used to collect the data is not intrusive, permitting the infrastructure to collect the data and send it to the Data Lake without problems.
It is not intrusive.
Ankit Pandagre
Assistant Security Architect at Cloudnomics
As per the latest release of Cortex XDR by Palo Alto Networks, which is version 5.0, things have changed. The UI has been updated and is looking similar to Cortex XIM. Previously, Cortex XDR by Palo Alto Networks was very easy to use, and all the artifacts and assets involved in an incident could be displayed on the screen and accessed with a single click. This was very helpful for me. Additionally, the MITRE ATT&CK mapping that Cortex XDR by Palo Alto Networks has is very valuable because I can understand at a glance what tactics and techniques are involved and what is happening in the incident. The email preview feature for incidents, which is now called cases, is also good as all the important information is displayed on the left-hand side pane.
The agent performance is exceptional in Cortex XDR by Palo Alto Networks. I have deployed hundreds of agents on endpoints and am monitoring them based on our in-house SOC operations. There was an instance where the MTTR and MTTD was just three minutes. The agents perform very well and quickly detect malicious files, quarantine them, block them, and send alerts to us. The agent performance is outstanding.
Paul Alexandre Vaz
Cyber Security Engineer at a media company with 201-500 employees
Cortex XDR by Palo Alto Networks has more than just antivirus capabilities. It verifies the executable and analyzes all its dependencies, sending this information to the cloud database, specifically Cortex Data Lake. It inspects the programs, dependencies, and connections, making it useful for blocking unwanted behaviors based on licenses, whether basic or Pro. Additionally, there is machine learning within Cortex Data Lake to detect specific behaviors from a cloud standpoint, which aids in producing accurate incident reports and managing them effectively on the control panel.
The best features of Cortex are automated incident response, playbook automation, cyber threat intelligence, and management. It includes case and incident management, such as incident details, evidence, timelines, and using the dashboard. There is a war room for investigation and to consume alert correlation rules to reduce noise and false positives. It has over 700 integrations. It works with SIEM, EDR, firewall, email security, the cloud environment, and many others. Additionally, it has endpoint detections, behavior analytic UEBA, and machine learning-based detection using ML modules to detect advanced threats. There's a centralized data lake and customized dashboard reports.
I find automation through the playbook to be the most valuable feature I use day-to-day. Playbooks save analyst time. If used for Cortex, it saves the analyst's time with a reduction in false positives. For IOC enrichment, we utilize MTDR, mean time to respond, to resolve incidents faster.
I notice a positive impact since using Cortex. We experience a faster, quicker response. Regarding positive changes, if we have a short positive, we investigate the IP, URL, VirusTotal, and abuse.ch. We use XDR, and it's fast and reliable with no human error. It automatically works to reduce the workload of the SOC analyst, thus decreasing manual work.
Pratham K
Cyber Security Information Security Specialist at MHM Holding GmbH
The features of Cortex XDR by Palo Alto Networks that I find most effective in threat detection involve two main aspects. Our red teaming expert attempted to break Cortex XDR, and it generated detailed logs. The behavioral engine is another significant feature we appreciate. If a user doesn't click any link within 30 days and on the 31st day clicks a new link, Cortex XDR immediately alerts us that this user has clicked on an uncommon link or their behavior is uncommon. As an organization and implementer, we value these two features: the behavioral engine and the logging capability.
Cortex XDR by Palo Alto Networks is a very strong solution, and it offers many features including XDR, EDR and NDR solutions, and also offers an encryption feature.
What I like about Cortex XDR by Palo Alto Networks is that it is a comprehensive solution that contains everything the organization may need when using endpoints.
I would assess the effectiveness of Cortex XDR by Palo Alto Networks' AI-driven endpoint security in reducing risk for my organization by saying that it is integrated with AI, so it has many features that secure my organization in an efficient way.
The main benefits that Cortex XDR by Palo Alto Networks brings to the table include the fact that it is just on the cloud. You don't need to install it on your servers and there is no need for disk allocation for the server. It's on the cloud, so any device connected to the internet can communicate with the Cortex manager and get the updates and definitions of viruses and malware. That's a good feature.
The impact that Cortex XDR by Palo Alto Networks has had on my security analyst workload is significant, as it has improved the analyst security in my organization. Cortex XDR by Palo Alto Networks has many events, incidents, alerts, and alarms that help a security analyst detect malicious files or prepare for attacks or malicious activity.
Cortex XDR's agent has the ability to block sophisticated threats in real time, as it has the facility to block many real-time attacks. However, the policy needs to be well-structured, because some organizations may indicate that certain executions can be allowed, which should not be permitted. Mostly, a restricted environment should be enforced, but the agent does have the facility to block approximately ninety percent of threats. I'm not claiming one hundred percent, but this capability is definitely present.
I recommend Cortex XDR by Palo Alto Networks for a company that would like to have a more stable platform that does not disrupt their business or applications.
Cortex XDR by Palo Alto Networks' ability to block sophisticated threats in real time is quite good and is on par with SentinelOne's.
I assess the effectiveness of Cortex XDR by Palo Alto Networks' AI-driven endpoint security and find that both have very good results. The difference is around the details. SentinelOne is winning in this area in terms of the detailed information that can be captured and the detailed information in terms of the detections. SentinelOne also has superior storyline capabilities, which is why I think we use it for forensics as well. Cortex XDR by Palo Alto Networks is winning due to the simplicity and non-intrusive detection capabilities.
In terms of detections, SentinelOne has advantages, but also disadvantages since they are intrusive. The result is that there are many threats that can be detected, but there are also many false positives. Cortex XDR by Palo Alto Networks is non-intrusive, but in terms of the detail, sometimes potential threats cannot be captured.
What I appreciate most about Cortex XDR by Palo Alto Networks is that it has a good tenant feature in which we have multiple tenants. We were working in EU tenants, and apart from this, the GUI is completely easy to understand.
Cortex XDR by Palo Alto Networks has helped lighten the load of our security analysts because it was the major tool that we were using and the one we utilized most. I would suggest it was a good solution for me.
Eddie Chu
Cyber Security Manager at Welab bank
Cortex XDR features advanced threat detection capabilities. The handling GUI allows for advanced searches, rule creation, and local detection. It incorporates AI for normal behavior detection, distinguishing unusual operations.
These features make the product very effective for threat detection. Additionally, the GUI is user-friendly and the product offers robust AI or normal behavior detection.
Cortex XDR by Palo Alto Networks is a good product, serving as a next-generation antivirus with extended detection and response features. It offers threat prevention, behavioral control, automation in threat response, and analytics capabilities, which enhance security measures. The product provides automation responses in case of a threat attack, severity assessments, centralized manageability, and comprehensive compliance features, resulting in reduced costs.
The product's most valuable feature is the ability to integrate and correlate data from network and endpoint sources. This comprehensive visibility allows us to quickly identify and respond to threats, such as impossible travel scenarios, with greater accuracy and speed.
The solution's most valuable feature is that it protects against unknown malware and activities and offers behavioral threat detection functionalities. With a wildcard and based on whatever configurations, it gives alerts and offers an XDR Quick Scan facility. We get proper results from the tool, and after scanning, we can see them on the dashboard.
The best thing about Cortex XDR is that it has host servers, networks, and proxy servers. On the other hand, CrowdStrike has only hosts and servers. The solution helps find bugs, and it is safe to use to prevent attacks by hackers.
The most valuable feature of the solution stems from the fact that the tool provides real-time visibility of our network activity and allows us to detect threats early and respond quickly. It is an easy-to-use tool. The tool's interface is good and simple to use.
The solution's most valuable feature is its general integration with various Palo Alto Networks products. The tool is a unified platform that includes a firewall, Prisma Cloud, and Cortex's storage. It is also a single data platform that consolidates data from endpoints and network traffic into a single data lake. For behavior analytics, the tool uses advanced behavior analytics and machine learning to detect sophisticated threats.
The solution perfectly correlates with Palo Alto's Networks Firewall to perform XDR capabilities such as network traffic plus endpoint security. This is what distinguishes the solution from other products.
From a single pane of glass, you can easily manage all of your endpoints.
The dashboard is intuitive so you can easily investigate or track incidents.
The solution has a fair amount of integrations with certain intelligence tools or third-party products.
The most valuable features are incident creation, policy-based protection, IP whitelisting, and device encryption. These are beneficial for endpoint and server security.
The most valuable feature of the solution is Broker VM, which is the best functionality, as I haven't found such a feature in any other product I have worked on till now.
The solution's most valuable feature is its ability to rapidly detect certain hardware files.
All other features of Cortex XDR by Palo Alto Networks are fine.
CesarMolloja Rodas
Information Security Manager at a financial services firm with 1,001-5,000 employees
The solution is a new generation XDR that has a lot of artificial intelligence modules.
The solution's communication methods are very effective.
Configuring or eradicating terminals is easy.
Cortex covers everything I need. It's a perfect solution. Cortex provides a different level of visibility because it's an extended EDR, allowing you to grab logs from the network and firewalls. Palo Alto invented the concept of the extended EDR or XDR.
The live terminal is probably the best thing ever. It gives you the access to get straight onto any machine.
In general, it has been able to see every single threat that has ever come up and it helps us stop it.
I've used it for a great many years now, and it worked really well. From the Palo Alto side, whatever they buy, they integrate that really well into their integration suite, and that makes a massive difference.
We're trying to explore Cortex's possibility to detect digital forensics and the source of the issues.
The initial setup isn't too bad.
The good thing about the product is that it's always scanning. It does real-time scanning for customers. If there's anything related to the applications that it's installed, for example, if an application needs some upgrades, or updates, or add-ons, we already have a server that is downloading this for the users, the computers. In terms of the laptops, we are not managing the laptops from the servers, since the users take the laptops with them and they are managing their laptops by themselves. There is any variability. The application gives us a notification on the Cloud so that we can handle this problem or make sure that the laptop is secured. The customers or the users don't have much experience to pick what is right and know what is wrong. It's a very, very informational application.
The initial setup is easy.
SURAJ SHARMA
Network Security Engineer at I Dream networks pvt ltd
User control in Cortex XDR allows users to restrict access to certain websites from a company laptop used over a home network. The solution allows control over the user and his machine through Cortex XDR security policies.
The most valuable feature of Cortex XDR by Palo Alto Networks is the low consumption of system resources. The solution uses a lot of AI and machine learning.
The policy configuration is great. The granularity of policies that are available is very helpful.
It is straightforward to set up.
It has pretty much everything we need and works well within the Palo Alto ecosystem.
Their XDR agent and their behavioral indicators of compromise (BIOC) are pretty nice. Their managed threat hunting is also pretty nice. They also have WildFire, which is a service for actively looking for malware. It's quite useful.
Christopher Bell
Senior System Administrator at a government with 10,001+ employees
Since they've done their most recent update, the ease to isolate endpoints is valuable. If we find one where there is a virus on it, we can easily isolate it. We don't even have to contact the user. We don't have to manually take them off the network. We can easily isolate them. The hash that they use is pretty comprehensive. I like WildFire. It gives us a better idea of what is a true virus and what is a false positive.
I chose this solution because they constantly add new features and are very proactive about that. To my mind, signature-based antivirus is a thing of the past. These days it's machine-learning technology and behavior-based analytics features that make us more secure. XDR feels secure because of those features.
The solution allows us to gain remote access without the user's knowledge and take the necessary actions on the device. For investigation, we can just drop down and easily elaborate on the issues, like where the user went and what they downloaded. We can use the solution to find out everything easily.
We can use Cortex XDR to get the entire graph of the incidents from source to destination, and we can take remedial action. We don't need to navigate different solutions and tools or use our human intelligence to correlate all the information to make the logic. Cortex XDR entirely does it, and we can take action.
Cortex XDR is very easy to deploy and has great threat detection capabilities and good internal threat intelligence.
It uses advanced AI analytics, behavior analytics, and custom-made detection to detect advanced threats before they occur.
If a customer says it's expensive, I will say no, it is not. Other values are added, so it is more reasonable given its strong features.
With a click, I can access the system and isolate it from other networks, and then go into a further forensic investigation of the current threat without compromising anything else.
Its stitches with external logs are perfect and enhanced.
Cortex XDR is a very capable solution for protecting large networks and a lot of endpoints. It's very useful because the automation is very high, and if you combine it with the features on Palo Alto firewalls, it provides very strong protection.
The most valuable feature of Cortex XDR by Palo Alto Networks is its machine-learning capabilities. Additionally, there is full integration with other solutions.
Cortex XDR's most valuable feature is its intelligence-based dashboards.
Dhirendra-Thapliyal
Team Lead at MindTree
One thing that I like about Cortex XDR is its ability to detect all the suspicious or malicious binaries, and it can integrate with Palo Alto Firewall.
Monitoring is most valuable.
Guhaneson Arumugam
Information Technology Consultant at Trillennium (Pvt) Ltd
When the pandemic started, Palo Alto came up with many solutions, which helped with the quick shift from on-premises to the cloud. We have a lot of advantages as a result.
It's a very simple implementation, and I have direct Palo Alto implementation available as well. So it's very simple. We haven't found any issues, so far the implementation is going well, I don't see any gaps.
Olivier Regal
Regional Key Account Manager at Orange Cyberdefense
Overall, it's a great platform. It integrates very well with other solutions from Palo Alto and also with our vendors.
The ease of use is excellent.
I love the root cause analysis from Cortex, which is amazing. It's really fantastic. In a few clicks, you can just have the full root cause.
The price is quite interesting. It's not overly expensive.
The solution is stable.
I've found the solution to be highly scalable for enterprises.
Gian Michele Roletto
SOC Manager at Nais Srl
It is a simple platform to use.
The dashboard is good, it's very clean and very simple to read. The information the dashboard provides is very clear.
Alerts regarding the incidents happening in the system, and it is easy to block and allow services and control external devices.
RICARDO VALENCIA
Information Technology Corporate Manager at a consumer goods company with 1,001-5,000 employees
Cortex XDR by Palo Alto Networks is easy to use and does not consume a lot of hardware resources.
Cortex analyzes the network and users to detect additional risks and threats that the other vendor's solutions don't detect.
The most valuable features of this product are the management capabilities, which allow an IT organization to get quite a good picture of attempted cyber attacks, and its out-of-the-box investigation capabilities.
MuhammadZubair
Digital Business Solutions Manager at Bahrain Telecommunication Company BSC (Batelco)
It's a nice product that's stable and scalable.
WillAgudo
System Administrator at NATIONAL ASSOCIATION OF REALTORS
I like the centralized console and the predictive analysis it does of malware.
It is very stable and also scalable.
It is easy to deploy and update. It does not require a lot of maintenance.
I like that the product has behavior-based detection which offers many benefits over signature-based detection. When it comes to zero day attacks and targeted attacks, signature detection is not able to detect problems. Behavior-based detection is able to detect attacks tailored specifically for your environment, or malware that doesn't yet have a known malicious signature. It's the nature of how the data is processed that makes the tool really powerful.
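To show the contrast this reviewer describes (a hash signature missing a rebuilt payload that a behavioral rule still catches), here is an added Python illustration. It is example code written for this page, not Cortex XDR's detection logic or rule set; the hashes, paths, rule names and the event stream are all constructed for the demonstration.

```python
"""Signature-based vs behavior-based detection over a constructed process-event stream."""
import hashlib
from dataclasses import dataclass


@dataclass(frozen=True)
class ProcessEvent:
    pid: int
    ppid: int
    image: str     # full path of the executable
    cmdline: str   # command line as launched
    sha256: str    # hash of the on-disk image


# Constructed hash "signatures": only the OLD build of the malware is known bad.
OLD_BUILD_SHA256 = hashlib.sha256(b"constructed-malware-build-1").hexdigest()
NEW_BUILD_SHA256 = hashlib.sha256(b"constructed-malware-build-2").hexdigest()
KNOWN_BAD_SHA256 = {OLD_BUILD_SHA256}

# Assumed rule inputs (example values, not a vendor rule set).
OFFICE_APPS = {"winword.exe", "excel.exe", "outlook.exe"}
SCRIPT_HOSTS = {"cmd.exe", "wscript.exe", "cscript.exe", "powershell.exe", "mshta.exe"}
ENCODED_FLAGS = {"-enc", "-encodedcommand", "-ec"}


def basename(path):
    """Lower-cased file name of a Windows or POSIX path."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def signature_detect(ev):
    """Signature model: flag only images whose hash is already known bad."""
    return ev.sha256 in KNOWN_BAD_SHA256


def behavior_detect(events):
    """Behavior model: flag suspicious parent/child chains and command-line
    patterns regardless of file hash. Returns (rule, pid) pairs in event order."""
    by_pid = {e.pid: e for e in events}
    findings = []
    for ev in events:
        name = basename(ev.image)
        parent = by_pid.get(ev.ppid)
        if parent is not None and basename(parent.image) in OFFICE_APPS and name in SCRIPT_HOSTS:
            findings.append(("office_spawns_script_host", ev.pid))
        if name == "powershell.exe" and ENCODED_FLAGS & set(ev.cmdline.lower().split()):
            findings.append(("encoded_powershell", ev.pid))
    return findings


# Constructed chain: a Word macro launches cmd, which launches encoded PowerShell,
# which drops a rebuilt payload whose hash is in no signature list.
# "QUJDRA==" stands in for an encoded command; it is not a real payload.
SAMPLE_EVENTS = [
    ProcessEvent(100, 1, r"C:\Program Files\Microsoft Office\root\Office16\WINWORD.EXE",
                 "WINWORD.EXE /n invoice.docm", "aaaa"),
    ProcessEvent(200, 100, r"C:\Windows\System32\cmd.exe",
                 "cmd.exe /c powershell -enc QUJDRA==", "bbbb"),
    ProcessEvent(300, 200, r"C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe",
                 "powershell -enc QUJDRA==", "cccc"),
    ProcessEvent(400, 300, r"C:\Users\bob\AppData\Local\Temp\update.exe",
                 "update.exe", NEW_BUILD_SHA256),
]


def compare(events=SAMPLE_EVENTS):
    """Run both models over the same stream and return what each one flags."""
    return {
        "signature_hits": [e.pid for e in events if signature_detect(e)],
        "behavior_hits": behavior_detect(events),
    }


if __name__ == "__main__":
    print(compare())
```

On the constructed stream the signature model flags nothing, because the dropped payload is a new build, while the behavioral model flags the cmd.exe spawned by Word and the encoded PowerShell before the payload even runs. The trade-off is that behavioral rules need tuning against legitimate admin scripts that look the same.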
The ability to kind of stitch everything together and see the actual complete picture is very useful. I guess you'd call it a playbook. Some people call it the forensics analysis of what was happening on particular endpoints when they detected some malicious behavior, and what transpired before that to cause that. It is also very user friendly.
The way they have done everything and integrated all the solutions that they've purchased over the years to make it a very seamless, effective product is very good. One thing about Palo Alto is that they take the products or services that they purchase and make them seamless for the end user as compared to some companies that purchase other companies and then just kind of have their products off to the side or keep different interfaces. Palo Alto doesn't do that.
The solution offers very high performance.
The solution has analytics that watch patterns and trends. If there is a change in user behavior or communication, it has the ability to track that.
The solution has a very helpful isolation feature. If any system gets compromised, with one click I can access the system and isolate it from other networks, and then go into further forensic investigation of the current threat without compromising anything else.
There are a lot of lead solutions in this space, however, Palo Alto is number one.
The initial setup is pretty easy.
MichaelGrove
Assistant Superintendent with 51-200 employees
The interface is easy to use and it is more up to date than our previous solution.
Fred TANG
System Manager at a consumer goods company with 10,001+ employees
Cortex has several good features that I am interested in. There is a nice Sandbox function that is very strong, there is the Traps (endpoint protection) solution, the real-time filtering of suspect linkages is good, and the automatic blocking of suspect behavior is always active and protecting the network.
The solution's most valuable feature is the user interface. I've used other solutions like Cylance and CrowdStrike, but Cortex XDR stands out from all the products. It has also moved to XSIAM. Cortex XDR introduced it long ago, while other tools are implementing it now.
The product's most valuable features are massive user and feature intelligence exploit detection. It is very useful in detecting threats to databases. The last meter statistics prove the efficient capabilities of the solution.
The solution allows us to make investigations. Other XDR solutions also provide similar capabilities but for investigation, Cortex XDR is better.
One of the things that I enjoy the most is using policy extensions. It's like having host firewalls to control USB connections. I think it's a wonderful tool to restrict use when connecting to our computers.
Another important tool is Home Insights. That is an add-on to the Cortex solution. I like that because we can see all the vulnerabilities in the environment and control what assets are connected to our network.
Everything is fine.
It'll not slow down your system when compared to others.
The initial setup is easy.
Cortex XDR lets us manage several clients from the same console, and its endpoint defense is more advanced than traditional antivirus.
AlbertoGonzaga
Account Manager at CIPHER
The most valuable features are that it can integrate the firewalls and determine the tendencies of the attacks.
It investigates problems and incidents quickly. Cortex is good at reducing alerts and for having a custom barrier. It's a new generation antivirus, with protection endpoints and detection response.
Cortex detects and shows what the problem is and how to resolve the problem or incident. Cortex is very easy to use and everybody can operate the solution.
It has tools for threat hunting and it has very good incident response features.
The most valuable for us is the correlation feature. You are able to correlate data that is coming from the firewall, network, server, and endpoints. This is one of our main requirements and makes for a good product.
It works with the data lake in an agent-based or agentless manner.
It is easy to integrate with most network devices, including firewalls, and Active Directory. We use firewalls from different vendors including Palo Alto and Check Point, and it supports them.
Pablo Castillo
Pre-sales engineer at a tech services company with 51-200 employees
Its interface and pricing are most valuable. It is better than other vendors in terms of security.
Its ability to react to cyber data attacks is awesome. That is pretty much the use of it. What blows your mind is the ability to access your assets remotely and see what is actually going on with them. You can not only see them in a console. You can also react very rapidly to your assets that are compromised.
Doru Balan
Assistant PhD at Stefan Cel Mare University of Suceava
Threat identification and detection are the most valuable features of this solution.
One of the main benefits of the solution is its intelligence to correlate the events into an incident.
It is easy to use.
The user interface of the solution is sophisticated and straightforward.
KostiantynFrolov
Lead Security Engineer at ESKA
If a company uses Palo Alto and supports Cortex XDR for endpoint protection it is very well protected. Palo Alto is the best security solution in the market. It's very advanced and its protection is extremely reliable.
The solution doesn't need a high level of technical training. The solution is very usable and doesn't take a lot of personnel.
The product is very scalable.
The stability is very good.
They did what they said. This solution could apply to any scenario.
Mayur Jadhav
Senior Security Consultant at a tech services company with 201-500 employees
The most valuable feature is that you can select remote access of any machine for sandboxing.
Irrespective of whether you have the rights or not, you can still access it from the cloud.
Stability is a primary factor, and then there's the ease of distribution and policy management. Cortex XDR by Palo Alto Networks is very easy to work with, and we're quite happy with them.
The behavior-based detection feature is valuable.
The protection offered by this product is good, as is the endpoint reporting.
Once installed, this product is easy to manage, whether it is on-premises or the cloud-based management system.
Darshil Sanghvi
Consultant at a tech services company with 501-1,000 employees
It can automatically correlate events and logs, which is very helpful for an IT administrator. It can correlate different kinds of malware activities over a network, agent, or host system. You do not need to do it manually. It is a good feature.
It is also a user-friendly solution. We have deployed it on the cloud because our space does not provide any flexibility for on-premises deployment, but Palo Alto has added some flexibility to install it on-premises. It must be like the same Cortex XDR agent for all the VPN services, web filtering services, and everything else.
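As an added illustration of the automatic correlation this reviewer describes, and of the earlier review that valued correlating firewall, network, server and endpoint data, the following Python groups constructed log lines from three sources into incidents by the indicators they share. This is example code written for this page, not Cortex XDR's correlation engine; the log formats, hosts, users and addresses are made up, and the union-find grouping is one simple way to do it, not the product's method.

```python
"""Correlating firewall, endpoint and authentication events into incidents by shared indicators."""
import re
from collections import defaultdict

# Constructed log formats, one regex per source (not real product formats).
FIREWALL_RE = re.compile(r"^fw (?P<action>allow|deny) (?P<src>[\d.]+) -> (?P<dst>[\d.]+):(?P<port>\d+)$")
ENDPOINT_RE = re.compile(r"^edr host=(?P<host>\S+) ip=(?P<ip>[\d.]+) proc=(?P<proc>\S+) remote=(?P<remote>[\d.]+)$")
AUTH_RE = re.compile(r"^ad logon user=(?P<user>\S+) host=(?P<host>\S+)$")

# Indicators too common to link anything meaningfully (assumed internal DNS resolver).
NOISY_INDICATORS = {("ip", "10.0.0.53")}


def parse(line):
    """Return (source, fields, indicator set) or None for an unrecognised line."""
    if m := FIREWALL_RE.match(line):
        d = m.groupdict()
        return "firewall", d, {("ip", d["src"]), ("ip", d["dst"])}
    if m := ENDPOINT_RE.match(line):
        d = m.groupdict()
        return "endpoint", d, {("host", d["host"]), ("ip", d["ip"]), ("ip", d["remote"])}
    if m := AUTH_RE.match(line):
        d = m.groupdict()
        return "auth", d, {("host", d["host"]), ("user", d["user"])}
    return None


def correlate(lines):
    """Group events into incidents: two events belong together if they share
    any non-noisy indicator, directly or through other events (union-find)."""
    parsed = [p for p in map(parse, lines) if p is not None]
    parent = list(range(len(parsed)))

    def find(i):
        while parent[i] != i:
            parent[i] = parent[parent[i]]  # path compression
            i = parent[i]
        return i

    first_seen = {}
    for idx, (_, _, indicators) in enumerate(parsed):
        for key in indicators - NOISY_INDICATORS:
            if key in first_seen:
                parent[find(idx)] = find(first_seen[key])
            else:
                first_seen[key] = idx

    groups = defaultdict(list)
    for idx in range(len(parsed)):
        groups[find(idx)].append(idx)

    incidents = []
    for members in groups.values():
        indicators = set().union(*(parsed[i][2] for i in members)) - NOISY_INDICATORS
        incidents.append({
            "events": len(members),
            "sources": sorted({parsed[i][0] for i in members}),
            "indicators": sorted(indicators),
        })
    return sorted(incidents, key=lambda inc: -inc["events"])


# Constructed sample: one workstation beaconing out, one unrelated host, one junk line.
SAMPLE_LOG_LINES = [
    "fw deny 10.0.5.23 -> 203.0.113.7:443",
    "edr host=WS-023 ip=10.0.5.23 proc=powershell.exe remote=203.0.113.7",
    "ad logon user=jdoe host=WS-023",
    "fw allow 10.0.5.23 -> 10.0.0.53:53",
    "fw allow 10.0.9.1 -> 10.0.0.53:53",
    "fw allow 10.0.9.1 -> 198.51.100.20:80",
    "not a log line",
]

if __name__ == "__main__":
    for inc in correlate(SAMPLE_LOG_LINES):
        print(inc)
```

The first incident stitches the firewall deny, the endpoint process event and the AD logon together through the shared IP and host, so the analyst sees the user, the process and the destination in one record. Without the noisy-indicator exclusion, the DNS resolver address would link the unrelated 10.0.9.1 traffic into the same incident, which is why real deployments maintain such exclusion lists.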
I can call the tweak responses or other items that the customer doesn't like very easily due to the fact that this solution is on the cloud.
It collects and caches and the knowledge of machine learning from different customers to take to the cloud. It makes it better to use for everybody. It allows for quick learning and updates and can, therefore, offer zero-day malware security. This sharing of metadata helps make the solution very safe.
Even the firewalls have their signatures. It takes from different resources and takes note of everything.
The exploits and malware technology are really good.
There aren't many features we find valuable on the solution.
They have a new GUI which is just fantastic.
Christopher Bell
Senior System Administrator at a government with 10,001+ employees
WildFire AI is the best option for this product.
Raul Rivera
Cybersecurity Engineer at GFR Media
The one feature that our organization finds most valuable is being able to control the USB ports on the endpoints.
The integration with other products, the firewall, and the IPS are good features.
I've found the security protection modules there have been the most valuable.
We have a complete overview of all our PCs and it's very easy to handle and to use the interface. It has a lot of benefits for us.
Saidatta HIndlekar
Manager Information Technology at Avendus
- It blocks malicious files.
- It prevents attacks.
- It doesn't require many updates, it's a very light application.
The most valuable features are the fact that it was running in the background and it would intercept any weird stuff, and the fact that it would send things directly to the cloud for sandboxing. It's quite practical.
Amjad Khan
Information Technology Manager at a hospitality company with 10,001+ employees
A majority of its features are very good, well-designed, and programmed. Most of the machine learning has features where we took a deep analysis on kernel-level scanning. It has shown that, in case anything happens, like a first-level operation failing or it going to the next level, it will protect the machine. You can see the artificial intelligence working on it.
Omar Sánchez (Mr.Tech)
Information Security Advisor, CISO & CIO, Docutek Services at Docutek Services
If the user leaves our premises or network, Palo Alto Traps will still be on that endpoint and will still apply our policies. For example, if you take that endpoint out of our network, go to a Starbucks with a company laptop, then connect to our virtualized gateway, that local endpoint will still have our network policies.
I'm so used to IPS IDS endpoint security that I don't see anything else that catches my attention other than it's working fine. It's a very good tool. It's the best one that we have.
It has Android support.
Luke Teeters
Lead IT Security Analyst at a mining and metals company with 1,001-5,000 employees
The multi-layered approach to the product is its best feature. Each layer has a different method of protecting its endpoint.
Rob Haller
Security Engineer at U.S. Acute Care Solutions
The anti-exploit is impenetrable. We chose Traps because it is the only product that we were not able to get anything past.
WildFire, advanced detection capabilities, and whitelist/blacklist features. These features have provided us an easy way to lock down our systems to prevent execution of unknown code and scripts and to prevent launching of code from end user writable directories.
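An added Python illustration of the kind of lock-down this reviewer describes: a blocklisted hash is denied, an allowlisted hash passes wherever it sits, and unknown code launched from a user-writable directory is blocked. This is example code for this page, not Cortex XDR's policy engine; the directory roots, governed extensions and hashes are assumptions chosen for the demonstration, and treating all of C:\ProgramData as user-writable is a simplification.

```python
"""Execution-control policy: hash allow/block lists plus user-writable-directory rule."""
import hashlib
import posixpath

# Constructed hashes standing in for an approved installer and a known dropper.
APPROVED_INSTALLER_SHA256 = hashlib.sha256(b"constructed-approved-installer-v3").hexdigest()
KNOWN_DROPPER_SHA256 = hashlib.sha256(b"constructed-known-bad-dropper").hexdigest()
ALLOWLIST_SHA256 = {APPROVED_INSTALLER_SHA256}
BLOCKLIST_SHA256 = {KNOWN_DROPPER_SHA256}

# Assumed policy inputs (example values). Roots are compared after normalisation.
USER_WRITABLE_ROOTS = ("c:/users/", "c:/windows/temp/", "c:/programdata/")
TRUSTED_ROOTS = ("c:/program files/", "c:/program files (x86)/", "c:/windows/system32/")
GOVERNED_EXT = {".exe", ".dll", ".scr", ".ps1", ".vbs", ".js", ".bat", ".cmd", ".hta"}


def normalize(path):
    """Canonical lower-case form: backslashes to slashes and '..' segments resolved,
    so 'C:\\Program Files\\..\\Users\\bob\\x.exe' cannot masquerade as a trusted path."""
    return posixpath.normpath(path.replace("\\", "/")).lower()


def decide(path, sha256):
    """Return (verdict, reason) for launching the file at `path` with hash `sha256`.
    Order: file type, blocklist, allowlist, location rules, default deny."""
    p = normalize(path)
    ext = posixpath.splitext(p)[1]
    if ext not in GOVERNED_EXT:
        return "allow", "not a governed file type"
    if sha256 in BLOCKLIST_SHA256:
        return "block", "blocklisted hash"
    if sha256 in ALLOWLIST_SHA256:
        return "allow", "allowlisted hash"
    if p.startswith(USER_WRITABLE_ROOTS):
        return "block", "unknown code in user-writable directory"
    if p.startswith(TRUSTED_ROOTS):
        return "allow", "trusted install location"
    return "block", "default deny: unknown location"


# Constructed launch attempts; "unknown" hashes are anything not on either list.
SAMPLE_LAUNCHES = [
    (r"C:\Users\bob\AppData\Local\Temp\update.exe", "unknown-1"),
    (r"C:\Program Files\Vendor\app.exe", "unknown-2"),
    (r"C:\Program Files\..\Users\bob\Downloads\x.exe", "unknown-3"),
    (r"C:\Users\bob\Downloads\setup.exe", APPROVED_INSTALLER_SHA256),
    (r"C:\Program Files\Vendor\drop.exe", KNOWN_DROPPER_SHA256),
    (r"C:\Users\bob\Documents\notes.txt", "unknown-4"),
    (r"D:\tools\portable.exe", "unknown-5"),
]

if __name__ == "__main__":
    for path, digest in SAMPLE_LAUNCHES:
        print(path, "->", decide(path, digest))
```

The ordering matters: the blocklist is consulted before the allowlist so a revoked binary cannot be resurrected by a stale allow entry, and the allowlist is consulted before the location rules so an approved installer in Downloads still runs. The remaining gap a practitioner should keep in mind is code planted under a trusted root with an unknown hash (for example DLL side-loading into a vendor directory); that is what filesystem ACLs and signer checks cover, not this rule set.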
Manuel Keller
Head of Network and Communication Department at a program development consultancy with 10,001+ employees
The level of security I get for my endpoints and servers is extremely valuable.
Ahmed-Shalaby
Cybersecurity Services Director at ITVikings
The platform's most valuable feature is being a cloud-based solution. We can visualize and control the activities in the environment from anywhere.
The product has an intuitive dashboard. The first time a client interacts with the solution, they do not face any problems. It is easy for the client to navigate through the tool.
AnastasiiaChapliieva
Information analyst at Seeton
Cortex XDR is a simple platform that's easy for administrators and users. You have a lot of flexibility to change or customize the features.