Try our new research platform with insights from 80,000+ expert users
Palo Alto Networks Cortex XSOAR Logo

Palo Alto Networks Cortex XSOAR pros and cons

Vendor: Palo Alto Networks
4.2 out of 5
Badge Leader
Leave a review

Pros & Cons summary

Palo Alto Networks Cortex XSOAR provides exceptional automation and playbook creation with outstanding integration and orchestration capabilities, enhanced by reliability and threat intelligence features. Despite its scalability and adaptability, challenges include high vendor involvement and increased pricing post-acquisition. Users experience limited on-premise options, integration issues, and technical support needs. However, the seamless integration with a vast library of plugins and the strong remote controller and data management capabilities remain noteworthy for security teams.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Cortex XSOAR excels in automation and playbook creation, significantly aiding security operation centers by handling about 50% of the work.
It offers extensive integration capabilities with a comprehensive list of plugins, allowing seamless incorporation with various tools and platforms.
Its orchestration features provide a high-level overview of critical log information, efficiently coordinating across different devices.
The platform enhances cybersecurity through effective threat intelligence integration and streamlined responses to security events.
Many users appreciate its scalability, reliability, and overall impact on improving organizational cybersecurity.

CONS

Implementing Palo Alto Networks Cortex XSOAR requires significant vendor involvement, and it should be easier for partners.
The documentation for building automation is not very good and requires improvement.
The pricing increased by 50% after Palo Alto acquired it, making it very expensive.
Managing its setup phase is complicated, and the technical support could be improved with faster response times.
The lack of SIEM functionalities and insufficient integration options are notable drawbacks of Palo Alto Networks Cortex XSOAR.
 

Palo Alto Networks Cortex XSOAR Pros review quotes

it_user1333062 - PeerSpot reviewer
it_user1333062
Director at a tech services company with 11-50 employees
Apr 23, 2020
The most valuable features are simplicity and ease of integration.
Read full review
SA
Shubham Agarwal
Network Security Engineer at a tech services company with 201-500 employees
Nov 4, 2020
The automation part and the playbook creation part are awesome. The way it is responding to the customers and incidents is also very good. In the SOC environment, I guess it will carry out around 50% of the work.
Read full review
reviewer1520922 - PeerSpot reviewer
reviewer1520922
Regional Director, Customer Success (GTM Solutions & Services) at a tech services company with 51-200 employees
Apr 16, 2021
The pricing is very good.
Read full review
Buyer's Guide
Palo Alto Networks Cortex XSOAR
January 2026
Free Report: Palo Alto Networks Cortex XSOAR Reviews and More
Learn what your peers think about Palo Alto Networks Cortex XSOAR. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.
DOWNLOAD NOW
880,745 professionals have used our research since 2012.
Chetankumar Savalagimath - PeerSpot reviewer
Chetankumar Savalagimath
Delivery Manager at a tech services company with 1,001-5,000 employees
May 15, 2021
The automation is excellent.
Read full review
DS
Darshil Sanghvi
Consultant at a tech services company with 501-1,000 employees
Jun 4, 2021
The most valuable features are the orchestration because of the way in which it coordinates the loss from all the devices and it provides us with a high-level overview of the critical log information.
Read full review
reviewer1480533 - PeerSpot reviewer
reviewer1480533
Vice President Global Technology Infrastructure Automation at a financial services firm with 10,001+ employees
Jul 2, 2021
The solution is very reliable.
Read full review
reviewer1469436 - PeerSpot reviewer
reviewer1469436
Splunker, Networking and E-Mail Security Architect, Engineer and Guru at a healthcare company with 10,001+ employees
Sep 8, 2021
It has an extensive list of integrations that are available out of the box which makes it easy to start.
Read full review
reviewer1714731 - PeerSpot reviewer
reviewer1714731
Cybersecurity Cyber Crime Infrastructure Engineer & Investigator at a government with 5,001-10,000 employees
Nov 11, 2021
Palo Alto has gotten the investigators more presence to actually go in the report because being that the platform will email the investigator that it's been assigned to, now the investigators will jump in there and start going through the review process a lot quicker.
Read full review
reviewer1726734 - PeerSpot reviewer
reviewer1726734
Supervisor SOC at a tech services company with 51-200 employees
Jan 12, 2022
I have found the solution very useful, it integrates well with other platforms.
Read full review
ShubhamAgarwal - PeerSpot reviewer
ShubhamAgarwal
Senior CyberSecurity Specialist at LTIMindtree
Nov 28, 2023
Cortex XSOAR's most valuable features are the playbooks, custom integration, the machine-learning model, and the layout, classifier, and mapper.
Read full review
Show 10 more reviews (out of 48)
 

Palo Alto Networks Cortex XSOAR Cons review quotes

it_user1333062 - PeerSpot reviewer
it_user1333062
Director at a tech services company with 11-50 employees
Apr 23, 2020
Implementing this solution requires a lot of involvement from the vendor and it should be made easier for the partners.
Read full review
SA
Shubham Agarwal
Network Security Engineer at a tech services company with 201-500 employees
Nov 4, 2020
For building automation, there is not a lot of good documentation. The documentation is there, but it is not very good from my perspective. There should be an improvement in this area. I don't see issues with anything else. In terms of new features, I have heard that other products have EBA functionality. It would be good if this functionality could be added.
Read full review
reviewer1520922 - PeerSpot reviewer
reviewer1520922
Regional Director, Customer Success (GTM Solutions & Services) at a tech services company with 51-200 employees
Apr 16, 2021
The user interface could be a bit better.
Read full review
Buyer's Guide
Palo Alto Networks Cortex XSOAR
January 2026
Free Report: Palo Alto Networks Cortex XSOAR Reviews and More
Learn what your peers think about Palo Alto Networks Cortex XSOAR. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.
DOWNLOAD NOW
880,745 professionals have used our research since 2012.
Chetankumar Savalagimath - PeerSpot reviewer
Chetankumar Savalagimath
Delivery Manager at a tech services company with 1,001-5,000 employees
May 15, 2021
When Palo Alto bought the solution, the pricing increased by 1.5 times. There's been a 50% increase, which is a lot.
Read full review
DS
Darshil Sanghvi
Consultant at a tech services company with 501-1,000 employees
Jun 4, 2021
There should be an on-premise version available for customers to have different choices.
Read full review
reviewer1480533 - PeerSpot reviewer
reviewer1480533
Vice President Global Technology Infrastructure Automation at a financial services firm with 10,001+ employees
Jul 2, 2021
The solution is very expensive.
Read full review
reviewer1469436 - PeerSpot reviewer
reviewer1469436
Splunker, Networking and E-Mail Security Architect, Engineer and Guru at a healthcare company with 10,001+ employees
Sep 8, 2021
I would love to see more flexibility on what we can display and design on the dashboards.
Read full review
reviewer1714731 - PeerSpot reviewer
reviewer1714731
Cybersecurity Cyber Crime Infrastructure Engineer & Investigator at a government with 5,001-10,000 employees
Nov 11, 2021
In terms of improvement, it needs to be more modular. It's not. When you're working in layouts and you create specific apps within layouts, there's no portability right now in order to reuse that code across multiple layouts. I can't take a tab and say I want to use this tab on these other layouts. I have to physically go in there and recreate it from scratch, which is maddening.
Read full review
reviewer1726734 - PeerSpot reviewer
reviewer1726734
Supervisor SOC at a tech services company with 51-200 employees
Jan 12, 2022
The configuration of the solution could improve it is difficult.
Read full review
ShubhamAgarwal - PeerSpot reviewer
ShubhamAgarwal
Senior CyberSecurity Specialist at LTIMindtree
Nov 28, 2023
Corex XSOAR could be improved by reducing the time it takes to process large amounts of data and increasing the number of integrations.
Read full review
Show 10 more reviews (out of 48)

Product Categories

Product Categories
Security Orchestration Automation and Response (SOAR)
SOC as a Service

Popular Comparisons

Popular Comparisons
Microsoft Sentinel vs Palo Alto Networks Cortex XSOAR Logo
Microsoft Sentinel vs Palo Alto Networks Cortex XSOAR
IBM Security QRadar vs Palo Alto Networks Cortex XSOAR Logo
IBM Security QRadar vs Palo Alto Networks Cortex XSOAR
AWS Security Hub vs Palo Alto Networks Cortex XSOAR Logo
AWS Security Hub vs Palo Alto Networks Cortex XSOAR
Arctic Wolf Managed Detection and Response vs Palo Alto Networks Cortex XSOAR Logo
Arctic Wolf Managed Detection and Response vs Palo Alto Networks Cortex XSOAR
Exabeam vs Palo Alto Networks Cortex XSOAR Logo
Exabeam vs Palo Alto Networks Cortex XSOAR
Splunk SOAR vs Palo Alto Networks Cortex XSOAR Logo
Splunk SOAR vs Palo Alto Networks Cortex XSOAR
Stellar Cyber Open XDR vs Palo Alto Networks Cortex XSOAR Logo
Stellar Cyber Open XDR vs Palo Alto Networks Cortex XSOAR
NetWitness NDR vs Palo Alto Networks Cortex XSOAR Logo
NetWitness NDR vs Palo Alto Networks Cortex XSOAR
Tines vs Palo Alto Networks Cortex XSOAR Logo
Tines vs Palo Alto Networks Cortex XSOAR
Sumo Logic Security vs Palo Alto Networks Cortex XSOAR Logo
Sumo Logic Security vs Palo Alto Networks Cortex XSOAR
ThreatConnect Threat Intelligence Platform (TIP) vs Palo Alto Networks Cortex XSOAR Logo
ThreatConnect Threat Intelligence Platform (TIP) vs Palo Alto Networks Cortex XSOAR
Google Security Operations vs Palo Alto Networks Cortex XSOAR Logo
Google Security Operations vs Palo Alto Networks Cortex XSOAR
Torq vs Palo Alto Networks Cortex XSOAR Logo
Torq vs Palo Alto Networks Cortex XSOAR
ServiceNow Security Operations vs Palo Alto Networks Cortex XSOAR Logo
ServiceNow Security Operations vs Palo Alto Networks Cortex XSOAR
Fortinet FortiSOAR vs Palo Alto Networks Cortex XSOAR Logo
Fortinet FortiSOAR vs Palo Alto Networks Cortex XSOAR
See all alternatives

Product Categories

Product Categories
Security Orchestration Automation and Response (SOAR)
SOC as a Service

Popular Comparisons

Popular Comparisons
Microsoft Sentinel vs Palo Alto Networks Cortex XSOAR Logo
Microsoft Sentinel vs Palo Alto Networks Cortex XSOAR
IBM Security QRadar vs Palo Alto Networks Cortex XSOAR Logo
IBM Security QRadar vs Palo Alto Networks Cortex XSOAR
AWS Security Hub vs Palo Alto Networks Cortex XSOAR Logo
AWS Security Hub vs Palo Alto Networks Cortex XSOAR
Arctic Wolf Managed Detection and Response vs Palo Alto Networks Cortex XSOAR Logo
Arctic Wolf Managed Detection and Response vs Palo Alto Networks Cortex XSOAR
Exabeam vs Palo Alto Networks Cortex XSOAR Logo
Exabeam vs Palo Alto Networks Cortex XSOAR
Splunk SOAR vs Palo Alto Networks Cortex XSOAR Logo
Splunk SOAR vs Palo Alto Networks Cortex XSOAR
Stellar Cyber Open XDR vs Palo Alto Networks Cortex XSOAR Logo
Stellar Cyber Open XDR vs Palo Alto Networks Cortex XSOAR
NetWitness NDR vs Palo Alto Networks Cortex XSOAR Logo
NetWitness NDR vs Palo Alto Networks Cortex XSOAR
Tines vs Palo Alto Networks Cortex XSOAR Logo
Tines vs Palo Alto Networks Cortex XSOAR
Sumo Logic Security vs Palo Alto Networks Cortex XSOAR Logo
Sumo Logic Security vs Palo Alto Networks Cortex XSOAR
ThreatConnect Threat Intelligence Platform (TIP) vs Palo Alto Networks Cortex XSOAR Logo
ThreatConnect Threat Intelligence Platform (TIP) vs Palo Alto Networks Cortex XSOAR
Google Security Operations vs Palo Alto Networks Cortex XSOAR Logo
Google Security Operations vs Palo Alto Networks Cortex XSOAR
Torq vs Palo Alto Networks Cortex XSOAR Logo
Torq vs Palo Alto Networks Cortex XSOAR
ServiceNow Security Operations vs Palo Alto Networks Cortex XSOAR Logo
ServiceNow Security Operations vs Palo Alto Networks Cortex XSOAR
Fortinet FortiSOAR vs Palo Alto Networks Cortex XSOAR Logo
Fortinet FortiSOAR vs Palo Alto Networks Cortex XSOAR
See all alternatives
Related questions
  • 26
Which Do You Recommend, Phantom or Demisto?
  • 181
Which solution do you prefer: Microsoft Sentinel or Palo Alto Networks Cortex XSOAR?
  • 14
Which SOAR product has the better value: Palo Alto Networks Cortex XSOAR or Swimlane? Why?
  • 96
What are the Top 5 cybersecurity trends in 2022?
  • 215
What is the difference between SIEM and SOAR platforms?
  • 79
What is an incident response playbook and how is it used in SOAR?
  • 31
What are the latest trends in Security Operations Center (SOC)?
  • 63
What tools and solutions do you use for automated incident response in an enterprise in 2022?
  • 33
How to evaluate SIEM detection rules?
  • 27
Why a Security Operations Center (SOC) is important?