Google Security Operations vs. Palo Alto Networks Cortex XSOAR

Overview
ProductRatingMost Used ByProduct SummaryStarting Price
Google Security Operations
Score 8.0 out of 10
N/A
Chronicle is a cloud-native SecOps platform used to proactively uncover the latest threats in near real-time, and enable security teams to detect, investigate and respond with speed and precision. It is based on the former Siemplify.N/A
Palo Alto Networks Cortex XSOAR
Score 7.1 out of 10
N/A
Cortex XSOAR, formerly Demisto and now from Palo Alto Networks since it was acquired in March 2019, provides orchestration to enable security teams to ingest alerts across sources and execute standardized, automatable playbooks for accelerated incident response. Its playbooks are powered by hundreds of integrations and thousands of security actions, striking the right balance between rapid machine execution and nuanced human oversight.N/A
Pricing
Google Security OperationsPalo Alto Networks Cortex XSOAR
Editions & Modules
No answers on this topic
No answers on this topic
Offerings
Pricing Offerings
Google Security OperationsPalo Alto Networks Cortex XSOAR
Free Trial
YesNo
Free/Freemium Version
YesNo
Premium Consulting/Integration Services
NoNo
Entry-level Setup FeeNo setup feeNo setup fee
Additional Details
More Pricing Information
Community Pulse
Google Security OperationsPalo Alto Networks Cortex XSOAR
User Ratings
Google Security OperationsPalo Alto Networks Cortex XSOAR
Likelihood to Recommend
7.5
(0 ratings)
8.2
(0 ratings)
Likelihood to Renew
-
(0 ratings)
10.0
(0 ratings)
Implementation Rating
-
(0 ratings)
10.0
(0 ratings)
User Testimonials
Google Security OperationsPalo Alto Networks Cortex XSOAR
Likelihood to Recommend
Siemplify has a structure that is effective for supporting all types of automation and orchestration wants. It is generally designed to give security analysts an easier time; it sends group alerts that categorized according to IP. Provides customized playbooks that we have redesigned to fit the needs of our organization and they provide high quality triage.
Read full review
XSOAR is well suited for phishing detection and response. Phishing alerts are as much of a
problem today as they were decades ago. This is because: ●Attackers Can leverage automation to launch high-quantity phishing attacks with the click
of a button.
●Spear Phishing attacks are sophisticated and sometimes indistinguishable from real
emails, resulting in compromise through human error.
●Security Teams aren’t able to follow set processes while responding to phishing alerts.
They must coordinate across email inboxes, threat intel, NGFW, ticketing, and
other tools. Each tool has different consoles, data conventions, and contexts,
making it difficult for security teams to fill in the gaps while minimizing
errors. XSOAR is less suited for analyzing traffic.
Read full review
Pros
  • automation of repetitive processes
  • customized playbooks.
  • The alert triage quality.
Read full review
  • Automation with immediate security responses.
  • Comprehensive phishing protection and increased email protection.
  • Analysis and reporting feature.
  • Intuitive and easy-to-view panels.
  • Alerts by email and sms of incidents for the administration.
  • Centralized monitoring.
Read full review
Cons
  • Connector improvement
  • UX experience
  • Reporting
Read full review
  • SAML is not stable, it gives a lot of issues.
  • Pre-defined playbooks need a lot of fine tuning
  • Lacks proper documentation
Read full review
Likelihood to Renew
No answers on this topic
It has proven to be far to valuable and effective to consider getting rid of it. Until something better comes along, this is staying in our product stack.
Read full review
Implementation Rating
No answers on this topic
It was much easier than we all anticipated.
Read full review
Alternatives Considered
No answers on this topic
The quantity of integrations with security solutions is highest in Palo Alto Solution. The capacity to identify anomalous events is much better in Palo Alto Networks Cortex XSOAR. The flexibility of increased storage area is better as well. The dashboard is very intuitive about showing the most important incidents and how to resolve them.
Read full review
Return on Investment
  • Python is required
  • Need to understand conenctors
Read full review
  • Reduces man-hours spent on handling false-positive repetitive alerts, daily 40% of analysts' time saved during a 24 hour period. In the initial stage, it was 75% of analysts' time saved due to the new environment, less maturity, and a lot of un-finetuned alerts.
  • Single pane for notification, collaboration, and action (to some extent) which is a major time saver compared to the conventional method of meeting invites and emails back-and-forth.
  • Secure documentation of business-critical incidents with a need-to-know basis of access according to each role.
Read full review
ScreenShots

Google Security Operations Screenshots

Screenshot of MarketplaceScreenshot of Case ManagementScreenshot of Interactive InvestigationScreenshot of Incident ManagementScreenshot of Incident Response PlaybooksScreenshot of Interactive Dashboards