2018-12-12T10:13:00Z

What advice do you have for others considering Cortex XDR by Palo Alto Networks?

Miriam Tover - PeerSpot reviewer
PeerSpot user

53 Answers

AS
Reseller
Top 20
2023-12-01T14:27:50Z
Dec 1, 2023

I recommend Cortex XDR by Palo Alto Networks and rate it an eight out of ten. It is a good solution for the commercial sector as they can work on the cloud. I advise others to refer to user guides for understanding the processes easily.

Mirko Minuzzo - PeerSpot reviewer
Real User
Top 5
2023-12-01T10:58:00Z
Dec 1, 2023

I rate Cortex XDR by Palo Alto Networks ten out of ten. It could be improved from a commercial perspective. It could approach the SMB market as well.

Lissette Acurio - PeerSpot reviewer
Reseller
Top 5
2023-08-18T15:39:05Z
Aug 18, 2023

Customers often ask for proof of concept. People wanting to use the solution should analyze the different tools that can be integrated with the product. At first, clients only consider it an EDR, but later, they might realize that the tool does not have all the capabilities they need. Overall, I rate the solution an eight out of ten.

BibinMathew - PeerSpot reviewer
Real User
Top 10
2023-05-05T12:16:34Z
May 5, 2023

I would recommend this solution to others who are interested in using it. I would rate Cortex XDR by Palo Alto Networks nine out of ten.

EA
Real User
Top 20
2023-05-04T09:21:00Z
May 4, 2023

I rate it a nine out of ten.

AC
Real User
Top 5
2023-04-11T11:28:05Z
Apr 11, 2023

I rate Cortex XDR by Palo Alto nine out of 10.

IS
Real User
Top 5
2023-02-02T21:36:10Z
Feb 2, 2023

I consider Cortex XDR by Palo Alto Networks a good solution. They have good support, and they listen to customer feedback. On a scale from one to nine, I would give Cortex XDR by Palo Alto Networks a nine.

Kamil Fahmi - PeerSpot reviewer
Real User
Top 10
2023-01-16T17:15:26Z
Jan 16, 2023

We are using two engineers for the maintenance of the solution. In our market here in Malaysia, the solution is perceived as being of high quality and providing good service. I would recommend this solution to others, it is a good solution. It is my job to recommend solutions. I rate Cortex XDR by Palo Alto Networks an eight out of ten. The solution is not perfect and that is why I gave the rating of eight.

EhabAli - PeerSpot reviewer
Real User
Top 5
2022-12-12T15:43:23Z
Dec 12, 2022

I rate Cortex XDR 10 out of 10.

AA
Real User
Top 20
2022-10-26T08:24:25Z
Oct 26, 2022

After the deployment of this solution, there is no need for maintenance. I recommend this solution to others because it is easy to manage, reliable, and overall good to use. I rate Cortex XDR by Palo Alto Networks an eight out of ten.

Dennis Ngetich - PeerSpot reviewer
Reseller
Top 10
2022-08-08T13:33:29Z
Aug 8, 2022

I would recommend this solution to others. I rate Cortex XDR by Palo Alto Networks an eight out of ten.

MA
Real User
Top 20
2022-06-28T15:48:36Z
Jun 28, 2022

We're a reseller. We are using the latest, most up-to-date version, of the product. I would recommend using it with another protection layer. Cortex should provide an additional layer of security apart from this. You might have to integrate with other vendors also. If you are looking to deploy a security solution as a whole, this is a good option. I'd rate the solution seven out of ten. If we had more advanced security features, I'd rate it higher.

Kelvin Choy - PeerSpot reviewer
Real User
Top 5
2022-06-21T06:05:00Z
Jun 21, 2022

I'm a customer and end-user. I'd rate the solution seven out of ten.

Ahmed Sief - PeerSpot reviewer
Real User
Top 10
2022-06-07T07:19:37Z
Jun 7, 2022

We are customers and end-users. We're using the latest version of the solution. Palo Alto is a big company. They are very good at security, so it's good if it's the first time a company is using this product. However, we are moving to SentinelOne as we are corporate. That means, if there is one branch upgraded or moved to something, we must follow. We are following our corporate instructions. If I was given the choice, I would be still using Cortex XDR as it's fulfilling my need. I'd rate the solution eight out of ten. The downside is each time I go to the portal and I check the versions, it's outdated. You need to upgrade each month or every forty days and it's a lot.

Rustam-Rustamli - PeerSpot reviewer
Real User
Top 20
2022-05-12T06:57:51Z
May 12, 2022

I think any XDR technology is best for protecting an environment from cyber attacks. The visibility it provides is crucial and XDR gives us that, we can see all effect vectors. I rate this solution eight out of 10.

PM
Real User
2022-03-16T12:38:21Z
Mar 16, 2022

My advice for people who are looking into implementing this system is that they should be aware of the complexity of the installation and the management of the system. I would preferably buy this from a partner. We have not yet completed our review of the product. At this time, I would rate it a five out of 10.

GA
Reseller
2022-02-11T13:57:59Z
Feb 11, 2022

So far, it has met all of our requirements, and it should be able to cater to a wide range of product lines. We must first determine what their business requirements are, as well as what other technical layers we are considering, and then propose the appropriate sizing and solution. We mostly promote Palo Alto, but it depends on the customer's needs, as well as their budget, infrastructure, and what their business requires, all of those factors come into play when recommending a solution. When you compare it with other products, I would rate Cortex XDR by Palo Alto Networks a nine out of ten. It's close to being rated a ten out of ten because of their level of support, and the other is the solution and the most recent technology.

DP
Real User
2022-01-20T10:23:15Z
Jan 20, 2022

My advice for anybody who is implementing this product is to ensure that the project plan has appropriate troubleshooting time in it. Overall, I'm quite happy with the product. I would rate this solution an eight out of ten.

AG
MSP
2021-12-22T17:22:00Z
Dec 22, 2021

I'm rating this solution a ten out of ten because it is very good for managed threat hunting and incident response. It is the best XDR solution. It's better than other tools because it uses enterprise architecture. Everybody will find that this solution is easy to use.

RV
Real User
2021-11-24T20:05:21Z
Nov 24, 2021

It is important to have security tools in order to review, monitor and hunt the potential attacks. We have found in our test Cortex XDR by Palo Alto Networks to be a very good tool. It's an efficient solution. I recommend this solution to my business partners and other companies. I rate Cortex XDR by Palo Alto Networks a ten out of ten. Other solutions I have used I would rate a seven out of ten. There is not something that comes close to this solution.

SA
Real User
2021-11-02T18:30:56Z
Nov 2, 2021

I have found the solution to be very easy in respect of integration, and configurable. The integrations are out-of-the-box, as are the playbooks. The solution is deployed solely on-premises on a single server. As of now, there are six users making use of the solution. My advice is that the on-premises environments for the product's use should be increased. I rate Cortex XDR by Palo Alto Networks as an eight out of ten.

AA
Real User
2021-11-02T18:27:00Z
Nov 2, 2021

I would rate this solution as five out of ten.

HS
Reseller
2021-09-03T16:10:43Z
Sep 3, 2021

I would highly recommend it unless you have iOS assets on your network. I would rate Cortex XDR an eight out of 10.

AC
Real User
2021-07-30T09:54:52Z
Jul 30, 2021

I would recommend this solution to others. I rate Cortex XDR by Palo Alto Networks a nine out of ten.

AA
Real User
2021-07-23T05:07:37Z
Jul 23, 2021

I would recommend this solution. I would rate Cortex XDR a seven out of 10.

TS
Real User
Top 20
2021-07-06T18:47:00Z
Jul 6, 2021

I would recommend this solution to others. I rate Cortex XDR by Palo Alto Networks an eight out of ten.

WA
Real User
2021-06-30T17:51:45Z
Jun 30, 2021

Learn the product because once you deploy it and a lot of people look at it from an endpoint perspective, they get the endpoint protection instantly. However, there are other things that you need to learn more about. Once you deploy Cortex XDR, you get a subscription to a data lake, which helps you retain logs. We have Palo Alto firewalls and later on learned that we can also integrate our firewalls and get the logs. You have a limited amount of space for log retention, but things like that are important in cases where you need to have PCI compliance or have a company policy of retaining a certain amount of logs. So, learn all the features and ask questions, and perhaps if it's going to be something that you're going to use as an investment for your company, take a training class. On a scale from one to ten, I would rate Cortex XDR at nine.

KF
Real User
2021-04-05T18:32:14Z
Apr 5, 2021

Cortex XDR is a threat analytics security manager that allows users to see what threats are going to endpoints. It's a very high-security solution. The next step up from Cortex XDR is Cortex XSOAR. XSOAR is an automated threat solution. It's a security solution from Palo Alto. I'd recommend the solution to others. I'd rate it at a nine out of ten overall.

PV
Real User
2021-03-24T11:04:37Z
Mar 24, 2021

I would recommend this solution to anyone who is interested in using it. I would rate Cortex XDR a seven out of ten.

MJ
Real User
2021-02-22T21:12:58Z
Feb 22, 2021

It is a very straightforward product with minimum administrator interference, once it is deployed. I would rate this solution a seven out of ten.

RP
Reseller
2021-01-27T06:34:21Z
Jan 27, 2021

I would recommend Cortex XDR by Palo Alto Networks to potential users. On a scale from one to ten, I would give Cortex XDR by Palo Alto Networks a nine.

KS
Real User
2021-01-23T07:10:12Z
Jan 23, 2021

On a scale from one to ten, I would give Cortex XDR by Palo Alto Networks a nine.

JW
Reseller
2021-01-07T19:20:58Z
Jan 7, 2021

You don't have to be a Palo Alto customer to implement this solution. Some people think they have to, but no. It is a completely separate solution on its own. I would highly recommend it just because it is a complete package. It not only takes in data from your endpoint; it also takes in data from other sources that are not Palo Alto and helps to create the story about what's going on by stitching things together. I would rate Cortex XDR a nine out of ten. It is pretty good. The reason for giving a nine is that there is always room for improvement.

RN
Real User
2020-12-08T16:15:48Z
Dec 8, 2020

Overall, this is a good product and I can recommend it to others. I would rate this solution an eight out of ten.

DS
Reseller
2020-11-24T00:53:45Z
Nov 24, 2020

If you are looking for security, mainly for advanced threat prevention from ransomware and malware attacks, I would recommend Cortex. Even if you want to integrate your firewall, I would recommend Cortex, but if you are looking for a single product with multiple options or features, such as DLP, encryption, rollback, and other features, I would not recommend Cortex. I would rate Cortex XDR a nine out of ten.

it_user1237689 - PeerSpot reviewer
Real User
2020-10-22T14:34:13Z
Oct 22, 2020

While we deal with the cloud deployment model, we've also often used the on-premises deployment. I'd advise other companies to use the solution. It really is the best one out there. Overall, I'd rate the solution nine out of ten. The reporting is a bit weak, and it's my understanding they are working on that. However, performance-wise and security-wise, this is the best product.

MG
Real User
2020-10-19T09:33:32Z
Oct 19, 2020

I don't use this product on a daily basis but we like what we have so far and I would definitely recommend it to other users. My advice is to make sure that you have a good implementor and that the reseller you're purchasing from gives you a highly-qualified engineer. Overall, we are happy with this product but that said, nothing does everything that you want. I would rate this solution a nine out of ten.

AB
Real User
2020-10-13T07:21:37Z
Oct 13, 2020

We had to move away from working with Cortex XDR by Palo Alto Networks due to the regulations. They state that the logs have to be kept in Saudi Arabia. Also, the log is in the cloud, which is against the regulations. We chose Fidelis. They meet the regulations and they are on-premises. We had no issues with Cortex. We were satisfied but it didn't meet with the regional regulations. I would rate Cortex XDR by Palo Alto Networks an eight out of ten.

FT
Real User
2020-08-30T08:33:28Z
Aug 30, 2020

My suggestion for people considering this product is that Cortex is a very good total solution on the endpoints. Because I needed Cortex to work for external and internal users and devices, it helps that it is cloud-based because it is good for working in the office or other locations. So we wanted to have the total end-to-end protection including on the mobile devices, that is what we got. This product will be a good suggestion for people who need the same capability. On a scale from one to ten where one is the worst and ten is the best, I would rate Cortex XDR as around nine-out-of-ten. The cost is the reason it would not be higher. Nine is good but this is a very good product except for the cost.

AA
Real User
2020-07-19T08:15:00Z
Jul 19, 2020

We have a partnership with Palo Alto. I'm a consultant, I'm pre-sales as a technical sales engineer. I try to show the value of any product for the customer. I don't actually use the solution myself. The solution does not have an on-premises option. It's only available on the cloud. For XDR new users just need to make sure they have the right policies in place. The solution does offer pre-configured policies. Organizations will want to make sure it is actually fitting them in the places where they will be working best. It's important as well that they don't make it a default selection. Users need to make sure that it's really configured and whitelisted and everything fits the organization. I'd rate the solution eight out of ten. I'd rate it higher, however, the deployment process is poor even though the features are decent. Competitors like Carbon Black have much easier deployments.

MJ
Real User
2020-07-09T06:27:01Z
Jul 9, 2020

We simply use the solution as a customer. I would not recommend the solution. I'd advise other companies to rather go with Palo Alto's firewall as a better option. I've already advised others not to touch it. It's not worth it at all to even consider using it. I'd rate the solution six out of ten. Their new GUI is very nice, however, as a professional service, it's lacking in a lot of areas.

MS
Real User
2020-06-21T08:08:11Z
Jun 21, 2020

My advice for anybody who is considering Cortex XDR is that it is a complete solution, and has very good features. From my experience, it is one of the better ones in the market. That said, no product is 100%. I would rate this solution a nine out of ten.

Mohammad Qaw - PeerSpot reviewer
MSP
2019-07-16T05:40:00Z
Jul 16, 2019

The main advice I can share is to watch out for your database and make sure to give it enough resources. That's it. I would rate this solution eight out of 10.

it_user1009236 - PeerSpot reviewer
Real User
2019-07-09T05:26:00Z
Jul 9, 2019

I recommend using this solution and I would rate the solution an eight out of 10.

TF
Consultant
2019-06-24T12:13:00Z
Jun 24, 2019

We use the on-prem version, not the cloud version of Palo Alto. We use it daily but we have logs. Normally, if we have an incident in detection from a wire system, there's more effort. But typically it would take about ten minutes in order to check the logs and it's not complex at all. But if you have some threats or viruses then, of course, maintenance takes longer. In terms of advice, I'd say it depends on the usage of the PCs. For us to use in the main production, Palo Alto benefited us. It was easy to install and the performance of Traps itself is very good. In most cases, you don't have to worry about the performance of the PC at all. Palo Alto Traps takes up very few resources. I would rate this solution 9 out of 10.

RR
Real User
2019-04-17T08:37:00Z
Apr 17, 2019

On a scale from 1-10, I would rate Palo Alto Networks Traps with an eight. It is great, but I have some issues with the cost of the product license.

MC
Real User
2019-02-11T08:11:00Z
Feb 11, 2019

Make sure you have a proper inventory of all the applications running. That's something we should have done to start with. We intended to do so, but because we're using very strange applications to deal with satellite imagery, it was giving us some issues. For somebody who's using the standard Microsoft Office, it's really straightforward. But if you have exotic applications, then make sure you test it before you deploy it. You will have issues. To maintain it, the only thing you have to do is download the latest updates and install them. After that, the only maintenance you need is checking the logs every day to see what has been sent to the cloud for sandboxing and then move to the culprit machine to see what happened. It's difficult to say how many people are required for this. As soon as you get something exotic on the machine, this can take an hour, but that's not related to Traps. Traps is just telling you there's something exotic. After that, it's the time you spend doing all the malware and other analyses. As far as Traps is concerned as such, it doesn't require much maintenance. It's something you set and forget. I would give Traps a nine out of ten. I think it's a very good application. It detected stuff that other things wouldn't detect. I'm very positive about it and was extremely satisfied with it. We had it for the reason I noted earlier. It has been replaced by something else, but I had a very good experience with it. Had we been in a Microsoft Office business - the normal applications - we never would have moved. But the people in charge of the system went to Microsoft Defender.

AK
Real User
2019-02-07T12:28:00Z
Feb 7, 2019

Overall, Traps is a very good application when you compare endpoint security solutions available in the market. You can see your value for your money. You can see the results and sleep peacefully. You don't have to worry about a ransomware attack. Traps is very well-designed. It also does good things with deep machine learning. If it finds any malicious activity, it will alert you. Based on our feedback and recommendations, our sister companies had been looking forward to replacing their current solution with Traps. My current company is in the process of evaluating the solution.

SH
Real User
2019-02-07T12:28:00Z
Feb 7, 2019

Palo Alto Traps is good but they need to more widely promote it.

OS
Consultant
2019-02-07T12:28:00Z
Feb 7, 2019

Test normal behavior of the Traps agents (injection and policy) and confirm that there has been no change in the user experience.

LT
Real User
2019-01-17T10:53:00Z
Jan 17, 2019

If ransomware were to spread throughout your company, you would not want your file shares to be encrypted nor your servers to be affected. My advice would be to get Traps on your servers and on your workstations. Go with version 5 and the cloud instance, then turn on all the features that you can. Some of them come by default disabled out-of-the-box, but you want to turn on all of the features, such as local analysis, file quarantine, WildFire, malicious and grayware blocking and quarantine, restrictions (don't allow executables to run from USB drives, unless it's whitelisted). Turn on all the exploit protections with dynamic updates, and just let it update, since we all know the next version of Flash Player is going to have a vulnerability which no one knows about until it's discovered. Then, at that point, it could have already been out there for a while. With Traps, it could potentially determine the exploit before it's even a known vulnerability. Turn on every single feature you can without taking an impact to performance. Once it's fine-tuned and doing its thing, I have never witnessed Traps not working properly. They have put in improvements over the years. We have been using the product for over four years now (since I've been with the company). They have added support for additional operating systems, such as Android, macOS, and Linux. They used to be Windows only. They put improvements where they no longer require you to have an on-premise server, so you can host it on the cloud. Thus, when endpoints leave the environment, they can connect to a cloud host and have full connectivity to your policies. When Traps does sandbox tests, it checks the verdict against their sandbox: WildFire. Having it in the cloud is great, because then the machine doesn't have to be on a VPN or within the company walls with connectivity to an on-premise server. Therefore, having the cloud implementation was definitely an improvement.
When Palo Alto acquires a technology, they implement it into Traps and make the product better. They have done this in the past, and there are cool things coming in the future from these acquisitions.

RH
Real User
2019-01-10T08:22:00Z
Jan 10, 2019

The implementation is fairly straightforward and easy. With version 5, everything is now on the cloud. It is easy to work with and use. I would use mobile device management (MDM) or Active Directory (AD) to push the file everywhere when installing it, as it will auto go from there. The management is pretty low. Thus, you set it, and for the most part, you can forget it.

JN
Real User
2018-12-12T10:13:00Z
Dec 12, 2018

I think Traps has the best mix of features by price in the industry. It is not flawless by any means, but Palo Alto seems committed to it and is improving it. Traps 5.0 is promising, though they have a ways to go before I'd be willing to implement it.

Cortex XDR by Palo Alto Networks is the first threat detection and response software to combine both visibility across all types of data as well as autonomous machine learning analytics. Threat detection very often requires analysts to divide their attention among many different data streams. This platform unifies a vast variety of data flows, which allows analysts to assess threats from a single location. Users can now maintain a level of visibility that other threat detection programs...