The deployment of Cortex XSIAM is straightforward. For smaller setups with few devices requiring registration and playbook implementation, deployment can be completed within two months. Larger implementations may take up to three months, but the process remains quick and efficient. Incident management in Cortex XSIAM is highly effective. It can be integrated with help desk solutions such as ServiceNow. For critical incidents, it automatically raises tickets to notify engineers to address issues through the console. The incident management capabilities have received positive feedback from analysts who consider it an excellent tool. The compliance features include both predefined templates and custom options, allowing customers to follow their specific compliance requirements alongside incident management. XSOAR operates on top of Cortex XSIAM, with XSIAM handling data ingestion and XSOAR managing automation components. I rate Cortex XSIAM 8 out of 10 and recommend it to other organizations.
Overall, I rate Cortex XSIAM an eight out of ten. We manage maintenance in-house with a team of ten engineers. Although the licensing cost is high, the architecture and in-house capabilities it provides align well with our organizational needs.
Associate Director at a financial services firm with 10,001+ employees
Real User
Top 20
2025-02-20T08:50:00Z
Feb 20, 2025
Overall, I rate the solution a five out of ten. I would recommend it to organizations requiring a standardized tool for regulation purposes. It is suitable for highly regulated organizations and not for standard operations seeking automation.
I would rate it an eight out of ten. We have a big install base of Cortex QRadar in Latin America, and we need better positioning of the product. I'd rate the solution eight out of ten.
TAC Engineer at a tech services company with 10,001+ employees
MSP
Top 20
2024-09-30T06:56:00Z
Sep 30, 2024
I would recommend Cortex XSIAM to other users because it is a leading solution in the market. I suggest using the trial version to get to know Cortex before proceeding with a full license. I'd rate the solution ten out of ten.
Senior Engineer of System and Security at Connex Information Technologies
Reseller
Top 5
2024-07-26T09:08:10Z
Jul 26, 2024
The platform's analytics capabilities are particularly effective in identifying and correlating incidents. It helps identify endpoint-based incidents. The automation capabilities significantly improve response times by allowing us to respond to incidents from a single dashboard rather than navigating multiple dashboards. I rate it an eight.
Chief Information Security Officer at a tech vendor with 1-10 employees
Real User
Top 5
2024-07-03T17:20:00Z
Jul 3, 2024
By incorporating XSIAM, it handles and automates many manual processes but allows users to review things manually before changes are made. There is minimal maintenance from our side. I recommend it. Overall, I rate the solution a nine out of ten.
Subject Matter Expert at Softcell Technologies Limited
Reseller
Top 10
2023-12-27T07:21:54Z
Dec 27, 2023
If you want to build secure networks and you're already using a Palo Alto firewall, Cortex is a better choice. Overall, I would rate the solution a nine out of ten.
Commercial Director at a security firm with 11-50 employees
Reseller
Top 5
2023-10-24T11:37:10Z
Oct 24, 2023
Users should test the solution quite massively and deeply to verify whether it really suits their needs. You have to gather some specific knowledge to really get the profits and fully use the functionalities of the product. It's not an out-of-the-box product. If you have used the product before and know what you want to achieve, it is easy to use the solution. However, if you are newly using the solution, you have to analyze and know what you want to achieve using this tool. Overall, I rate Cortex XSIAM a seven out of ten.
Senior Manager - Security Operations at First Advantage Corporation
Real User
Top 10
2023-09-28T14:59:50Z
Sep 28, 2023
In my experience, it stands out as one of the top SIEM solutions I've had the opportunity to use. Its ability to deliver a substantial amount of security intelligence greatly enhances and optimizes our security operations program. I would rate it nine out of ten.
Cortex XSIAM acts as a critical element for SOC foundations, integrating SIEM and EDR capabilities, valued for threat detection and seamless security orchestration with Palo Alto Networks products.
Organizations find Cortex XSIAM beneficial for SOC foundations due to its capability to integrate SIEM and EDR tools, facilitating data collection, detection, and response. It connects with third-party data sources while reducing management effort and offering cost-effective alternatives to...
I am familiar with Cortex XSIAM but not with Cortex Co-pilot. On a scale of 1-10, I rate Cortex XSIAM a 9.
I would give Cortex XSIAM a rating of ten out of ten. However, I am also praying that nobody attacks my customer.